SUSE CVE-2010-2055

Ghostscript 8.71 and earlier reads initialization files from the current working directory, which allows local users to execute arbitrary PostScript commands via a Trojan horse file, related to improper support for the -P- option to the gs program, as demonstrated using gsinit.ps, a different...

SUSE CVE-2010-3350

bareFTP 0.3.4 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

SUSE CVE-2010-3349

Ardour 2.8.11 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

SUSE CVE-2010-3353

Cowbell 0.2.7.1 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

SUSE CVE-2010-3355

Ember 0.5.7 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

SUSE CVE-2010-3360

Hipo 0.6.1 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

SUSE CVE-2010-3358

HenPlus JDBC SQL-Shell 0.9.7 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

SUSE CVE-2010-3366

MnFit 5.13 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

SUSE CVE-2010-3374

Qt Creator before 2.0.1 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

SUSE CVE-2010-3381

The 1 tangerine and 2 tangerine-properties scripts in Tangerine 0.3.2.2 place a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

SUSE CVE-2010-3380

The 1 init.d/slurm and 2 init.d/slurmdbd scripts in SLURM before 2.1.14 place the . dot directory in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

SUSE CVE-2010-3386

usttrace in LTTng Userspace Tracer aka UST 0.7 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

SUSE CVE-2010-3384

The 1 torcs, 2 nfsperf, 3 accc, 4 texmapper, 5 trackgen, and 6 nfs2ac scripts in TORCS 1.3.1 place a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

SUSE CVE-2010-3393

magics-config in Magics++ 2.10.0 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

SUSE CVE-2010-3996

festivalserver in Centre for Speech Technology Research CSTR Festival, probably 2.0.95-beta and earlier, places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

SUSE CVE-2010-4000

gnome-shell in GNOME Shell 2.31.5 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

SUSE CVE-2010-4159

Untrusted search path vulnerability in metadata/loader.c in Mono 2.8 and earlier allows local users to gain privileges via a Trojan horse shared library in the current working directory...

SUSE CVE-2010-4167

Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCOREINSTALLEDSUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration file in the current working directory...

SUSE CVE-2010-5252

Untrusted search path vulnerability in HTTrack 3.43-9 allows local users to gain privileges via a Trojan horse httrack-plugin.dll file in the current working directory, as demonstrated by a directory that contains a .whtt file. NOTE: some of these details are obtained from third party information...

SUSE CVE-2011-0575

Untrusted search path vulnerability in Adobe Flash Player before 10.2.152.26 allows local users to gain privileges via a Trojan horse DLL in the current working directory...