Lucene search

K

[email protected]NVD:CVE-2010-4820

HistoryOct 27, 2014 - 1:55 a.m.

CVE-2010-4820

2014-10-2701:55:23

CWE-94

[email protected]

web.nvd.nist.gov

4.4 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.1%

Untrusted search path vulnerability in Ghostscript 8.62 allows local users to execute arbitrary PostScript code via a Trojan horse Postscript library file in Encoding/ under the current working directory, a different vulnerability than CVE-2010-2055.

Affected configurations

NVD

Node

ghostscriptghostscriptMatch8.62

References

bugs.ghostscript.com/show_bug.cgi?id=691339

rhn.redhat.com/errata/RHSA-2012-0095.html

rhn.redhat.com/errata/RHSA-2012-0096.html

www.openwall.com/lists/oss-security/2012/01/04/7

www.securityfocus.com/archive/1/511433

www.securityfocus.com/bid/51847

bugzilla.redhat.com/show_bug.cgi?id=599564

bugzilla.redhat.com/show_bug.cgi?id=771853

4.4 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.1%

Related for NVD:CVE-2010-4820

cve2 debiancve2 prion2 cvelist2 nvd1 ubuntucve2 oraclelinux2 centos2 nessus20 openvas25 redhat2 amazon1 fedora5 veracode2 gentoo1