Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2000-1163
HistoryJan 09, 2001 - 5:00 a.m.

CVE-2000-1163

2001-01-0905:00:00
NVD-CWE-Other
[email protected]
web.nvd.nist.gov
25
ghostscript
cve-2000-1163
vulnerability
user command execution
nvd
ld_run_path

6.9 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON

ghostscript before 5.10-16 uses an empty LD_RUN_PATH environmental variable to find libraries in the current directory, which could allow local users to execute commands as other users by placing a Trojan horse library into a directory from which another user executes ghostscript.

Related

cert 1
nessus 1
cert
cert
Aladdin Ghostscript LD_RUN_PATH environment variable allows libraries to be loaded from current directory
2001-08-21 00:00:00
nessus
nessus
Mandrake Linux Security Advisory : ghostscript (MDKSA-2000:074)
2012-09-06 00:00:00

6.9 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON
Related for CVE-2000-1163
cert1nessus1