Lucene search
HistoryDec 16, 2005 - 11:03 a.m.
CVE-2005-4280
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
6.4 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Untrusted search path vulnerability in CMake before 2.2.0-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH.
Affected configurations
Node
kitwarecmakeMatch1.4.3
ORkitwarecmakeMatch1.4.4
ORkitwarecmakeMatch1.4.5
ORkitwarecmakeMatch1.4.6
ORkitwarecmakeMatch1.4.7
ORkitwarecmakeMatch1.6.0
ORkitwarecmakeMatch1.6.0_beta1
ORkitwarecmakeMatch1.6.0_beta2
ORkitwarecmakeMatch1.6.1
ORkitwarecmakeMatch1.6.2
ORkitwarecmakeMatch1.6.3
ORkitwarecmakeMatch1.6.4
ORkitwarecmakeMatch1.6.5
ORkitwarecmakeMatch1.6.6
ORkitwarecmakeMatch1.6.7
ORkitwarecmakeMatch1.8.0
ORkitwarecmakeMatch1.8.1
ORkitwarecmakeMatch1.8.2
ORkitwarecmakeMatch1.8.3
ORkitwarecmakeMatch2.0.0
ORkitwarecmakeMatch2.0.1
ORkitwarecmakeMatch2.0.2
ORkitwarecmakeMatch2.0.3
ORkitwarecmakeMatch2.0.4
ORkitwarecmakeMatch2.0.5
ORkitwarecmakeMatch2.0.6
ORkitwarecmakeMatch2.2.0
Related
cve
cve
CVE-2005-4280
2005-12-16 11:03:00
cvelist
cvelist
CVE-2005-4280
2005-12-16 11:00:00
debiancve
debiancve
CVE-2005-4280
2005-12-16 11:03:00
gentoo
gentoo
Perl, Qt-UnixODBC, CMake: RUNPATH issues
2005-10-17 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200510-14 (Perl Qt-UnixODBC CMake)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200510-14 (Perl Qt-UnixODBC CMake)
2008-09-24 00:00:00
nessus
nessus
GLSA-200510-14 : Perl, Qt-UnixODBC, CMake: RUNPATH issues
2005-10-19 00:00:00
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
6.4 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for NVD:CVE-2005-4280