[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

252097

 
 

909

 
 

196747

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2005-4790Date: (C)2005-12-31   (M)2023-12-22


Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0, and possibly other distributions, cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) beagle, (2) tomboy, or (3) blam. NOTE: in August 2007, the tomboy vector was reported for other distributions.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.9
Exploit Score: 3.4
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
BID-25341
SECUNIA-26480
SECUNIA-27608
SECUNIA-27621
SECUNIA-27799
SECUNIA-28339
SECUNIA-28672
OSVDB-39577
OSVDB-39578
FEDORA-2007-3011
FEDORA-2007-3792
GLSA-200711-12
GLSA-200801-14
MDVSA-2008:064
SUSE-SR:2005:022
USN-560-1
http://bugs.gentoo.org/show_bug.cgi?id=188806
http://bugs.gentoo.org/show_bug.cgi?id=189249
http://bugs.gentoo.org/show_bug.cgi?id=199841
https://bugzilla.gnome.org/show_bug.cgi?id=485224
https://bugzilla.redhat.com/show_bug.cgi?id=362941
tomboy-ldlibrarypath-privilege-escalation(36054)

CPE    2
cpe:/o:suse:suse_linux:9.3
cpe:/o:novell:suse_linux:10.0
OVAL    1
oval:org.secpod.oval:def:301386

© SecPod Technologies