Lucene search

[email protected]CVE-2008-2366

HistoryJun 16, 2008 - 6:41 p.m.

CVE-2008-2366

2008-06-1618:41:00

CWE-16

[email protected]

web.nvd.nist.gov

cve-2008-2366

untrusted search path vulnerability

red hat

openoffice.org

rhel

privilege escalation

nvd

6.1 Medium

AI Score

Confidence

Low

4.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.3%

JSON

Untrusted search path vulnerability in a certain Red Hat build script for OpenOffice.org (OOo) 1.1.x on Red Hat Enterprise Linux (RHEL) 3 and 4 allows local users to gain privileges via a malicious library in the current working directory, related to incorrect quoting of the ORIGIN symbol for use in the RPATH library path.

CPENameOperatorVersion
openoffice:openofficeopenofficeeq1.1

CPE	Name	Operator	Version
openoffice:openoffice	openoffice	eq	1.1

References

secunia.com/advisories/30633

securitytracker.com/id?1020278

www.redhat.com/support/errata/RHSA-2008-0538.html

www.securityfocus.com/bid/29695

bugzilla.redhat.com/show_bug.cgi?id=450532

exchange.xforce.ibmcloud.com/vulnerabilities/43322

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11361

6.1 Medium

AI Score

Confidence

Low

4.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.3%

JSON

Related for CVE-2008-2366

prion1 nessus4 openvas10 redhat1 oraclelinux1 centos1