Lucene search

K
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2012-0883
HistoryApr 18, 2012 - 10:33 a.m.

CVE-2012-0883

2012-04-1810:33:00
Debian Security Bug Tracker
security-tracker.debian.org
25

0.0004 Low

EPSS

Percentile

12.4%

envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl.