6.8 Medium
AI Score
Confidence
Low
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.3%
Untrusted search path vulnerability in the Python plugin in Dia 0.96.1, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).
bugs.debian.org/cgi-bin/bugreport.cgi?bug=504251
secunia.com/advisories/33672
secunia.com/advisories/33703
www.mandriva.com/security/advisories?name=MDVSA-2009:040
www.mandriva.com/security/advisories?name=MDVSA-2009:046
www.openwall.com/lists/oss-security/2009/01/26/2
www.securityfocus.com/bid/33448
bugzilla.redhat.com/show_bug.cgi?id=481551
exchange.xforce.ibmcloud.com/vulnerabilities/48262
www.redhat.com/archives/fedora-package-announce/2009-January/msg01065.html