Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2010-4005

Опубликовано: 06 нояб. 2010
Источник: nvd
CVSS2: 6.9
EPSS Низкий

Описание

The (1) tomboy and (2) tomboy-panel scripts in GNOME Tomboy 1.5.2 and earlier place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: vector 1 exists because of an incorrect fix for CVE-2005-4790.2.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:gnome:tomboy:*:*:*:*:*:*:*:*
Версия до 1.5.2 (включая)
cpe:2.3:a:gnome:tomboy:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:tomboy:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:tomboy:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:tomboy:1.5.1:*:*:*:*:*:*:*

EPSS

Процентиль: 30%
0.00112
Низкий

6.9 Medium

CVSS2

Дефекты

CWE-94

Связанные уязвимости

ubuntu логотип

CVE-2010-4005

ubuntu
больше 15 лет назад

The (1) tomboy and (2) tomboy-panel scripts in GNOME Tomboy 1.5.2 and earlier place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: vector 1 exists because of an incorrect fix for CVE-2005-4790.2.

debian логотип

CVE-2010-4005

debian
больше 15 лет назад

The (1) tomboy and (2) tomboy-panel scripts in GNOME Tomboy 1.5.2 and ...

github логотип

GHSA-wqwx-hhf2-x4q9

github
больше 3 лет назад

The (1) tomboy and (2) tomboy-panel scripts in GNOME Tomboy 1.5.2 and earlier place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: vector 1 exists because of an incorrect fix for CVE-2005-4790.2.

EPSS

Процентиль: 30%
0.00112
Низкий

6.9 Medium

CVSS2

Дефекты

CWE-94