Lucene search

K
prionPRIOn knowledge basePRION:CVE-2012-0883
HistoryApr 18, 2012 - 10:33 a.m.

Directory traversal

2012-04-1810:33:00
PRIOn knowledge base
www.prio-n.com
11

6.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

12.8%

envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl.

References

6.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

12.8%