Lucene search

K
cvelistRedhatCVELIST:CVE-2012-0883
HistoryApr 18, 2012 - 10:00 a.m.

CVE-2012-0883

2012-04-1810:00:00
redhat
www.cve.org

6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

12.8%

envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl.

References

6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

12.8%