CVE-2001-0084

Опубликовано: 12 фев. 2001

Источник: nvd

CVSS2: 7.2

EPSS Низкий

Описание

GTK+ library allows local users to specify arbitrary modules via the GTK_MODULES environmental variable, which could allow local users to gain privileges if GTK+ is used by a setuid/setgid program.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2000-12/0498.html
Exploit
http://archives.neohapsis.com/archives/bugtraq/2001-01/0027.html
Third Party Advisory
http://www.gtk.org/setuid.html
Third Party Advisory
http://www.securityfocus.com/bid/2165
Exploit
Patch
Third Party Advisory
VDB Entry
Vendor Advisory
http://archives.neohapsis.com/archives/bugtraq/2000-12/0498.html
Exploit
http://archives.neohapsis.com/archives/bugtraq/2001-01/0027.html
Third Party Advisory
http://www.gtk.org/setuid.html
Third Party Advisory
http://www.securityfocus.com/bid/2165
Exploit
Patch
Third Party Advisory
VDB Entry
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gnome:gtk:1.2.8:*:*:*:*:*:*:*

EPSS

Процентиль: 51%

0.00275

Низкий

7.2 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-7gg7-9cpw-h9r9

github

больше 3 лет назад