Описание
Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0, and possibly other distributions, cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) beagle, (2) tomboy, or (3) blam. NOTE: in August 2007, the tomboy vector was reported for other distributions.
Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0, and possibly other distributions, cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) beagle, (2) tomboy, or (3) blam. NOTE: in August 2007, the tomboy vector was reported for other distributions.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2005-4790
- https://bugzilla.gnome.org/show_bug.cgi?id=485224
- https://bugzilla.redhat.com/show_bug.cgi?id=362941
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36054
- https://usn.ubuntu.com/560-1
- https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00206.html
- https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00913.html
- http://bugs.gentoo.org/show_bug.cgi?id=188806
- http://bugs.gentoo.org/show_bug.cgi?id=189249
- http://bugs.gentoo.org/show_bug.cgi?id=199841
- http://osvdb.org/39577
- http://osvdb.org/39578
- http://secunia.com/advisories/26480
- http://secunia.com/advisories/27608
- http://secunia.com/advisories/27621
- http://secunia.com/advisories/27799
- http://secunia.com/advisories/28339
- http://secunia.com/advisories/28672
- http://security.gentoo.org/glsa/glsa-200711-12.xml
- http://security.gentoo.org/glsa/glsa-200801-14.xml
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:064
- http://www.novell.com/linux/security/advisories/2005_22_sr.html
- http://www.securityfocus.com/bid/25341
EPSS
CVE ID
Связанные уязвимости
Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0, and possibly other distributions, cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) beagle, (2) tomboy, or (3) blam. NOTE: in August 2007, the tomboy vector was reported for other distributions.
Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0, and possibly other distributions, cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) beagle, (2) tomboy, or (3) blam. NOTE: in August 2007, the tomboy vector was reported for other distributions.
Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 1 ...
EPSS