Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2010-3998

Опубликовано: 06 нояб. 2010
Источник: nvd
CVSS2: 6.9
EPSS Низкий

Описание

The (1) banshee-1 and (2) muinshee scripts in Banshee 1.8.0 and earlier place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: Banshee might also be affected using GST_PLUGIN_PATH.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:banshee-project:banshee:*:*:*:*:*:*:*:*
Версия до 1.8.0 (включая)
cpe:2.3:a:banshee-project:banshee:0.13.2:*:*:*:*:*:*:*
cpe:2.3:a:banshee-project:banshee:1.0:*:*:*:*:*:*:*
cpe:2.3:a:banshee-project:banshee:1.2:*:*:*:*:*:*:*
cpe:2.3:a:banshee-project:banshee:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:banshee-project:banshee:1.4:*:*:*:*:*:*:*
cpe:2.3:a:banshee-project:banshee:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:banshee-project:banshee:1.4.3:*:*:*:*:*:*:*
cpe:2.3:a:banshee-project:banshee:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:banshee-project:banshee:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:banshee-project:banshee:1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:banshee-project:banshee:1.5.3:*:*:*:*:*:*:*
cpe:2.3:a:banshee-project:banshee:1.5.4:*:*:*:*:*:*:*
cpe:2.3:a:banshee-project:banshee:1.5.5:*:*:*:*:*:*:*
cpe:2.3:a:banshee-project:banshee:1.5.6:*:*:*:*:*:*:*
cpe:2.3:a:banshee-project:banshee:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:banshee-project:banshee:1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:banshee-project:banshee:1.7.0:*:*:*:*:*:*:*
cpe:2.3:a:banshee-project:banshee:1.7.1:*:*:*:*:*:*:*
cpe:2.3:a:banshee-project:banshee:1.7.2:*:*:*:*:*:*:*
cpe:2.3:a:banshee-project:banshee:1.7.3:*:*:*:*:*:*:*
cpe:2.3:a:banshee-project:banshee:1.7.4:*:*:*:*:*:*:*
cpe:2.3:a:banshee-project:banshee:1.7.5:*:*:*:*:*:*:*
cpe:2.3:a:banshee-project:banshee:1.7.6:*:*:*:*:*:*:*

EPSS

Процентиль: 16%
0.00051
Низкий

6.9 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

ubuntu логотип

CVE-2010-3998

ubuntu
больше 15 лет назад

The (1) banshee-1 and (2) muinshee scripts in Banshee 1.8.0 and earlier place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: Banshee might also be affected using GST_PLUGIN_PATH.

debian логотип

CVE-2010-3998

debian
больше 15 лет назад

The (1) banshee-1 and (2) muinshee scripts in Banshee 1.8.0 and earlie ...

github логотип

GHSA-r6fr-m835-g4g9

github
больше 3 лет назад

The (1) banshee-1 and (2) muinshee scripts in Banshee 1.8.0 and earlier place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: Banshee might also be affected using GST_PLUGIN_PATH.

EPSS

Процентиль: 16%
0.00051
Низкий

6.9 Medium

CVSS2

Дефекты

NVD-CWE-Other