555 matches found
Design/Logic Flaw
The 1 banshee-1 and 2 muinshee scripts in Banshee 1.8.0 and earlier place a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: Banshee might also be affected using GSTPLUGINPATH...
Directory traversal
gnome-shell in GNOME Shell 2.31.5 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...
CVE-2010-3998
The 1 banshee-1 and 2 muinshee scripts in Banshee 1.8.0 and earlier place a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: Banshee might also be affected using GSTPLUGINPATH...
Directory traversal
GMXRC.bash in Gromacs 4.5.1 and earlier places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: CVE disputes this issue because the GMXLDLIB value is always added to the beginni...
CVE-2010-4000
gnome-shell in GNOME Shell 2.31.5 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...
CVE-2010-3998
The 1 banshee-1 and 2 muinshee scripts in Banshee 1.8.0 and earlier place a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: Banshee might also be affected using GSTPLUGINPATH...
CVE-2010-4000
gnome-shell in GNOME Shell 2.31.5 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...
CVE-2010-4005
The 1 tomboy and 2 tomboy-panel scripts in GNOME Tomboy 1.5.2 and earlier place a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: vector 1 exists because of an incorrect fix for...
CVE-2010-4001
CVE-2010-4001 affects GMXRC.bash in Gromacs 4.5.1 and earlier, where a zero-length directory name can be placed in LD_LIBRARY_PATH, enabling local privilege escalation via a Trojan horse shared library in the current working directory. The issue is discussed in vendor advisories and OpenVAS/Nessu...
CVE-2010-4005
Removed by vendor...
CVE-2010-3998
Removed by vendor...
CVE-2010-3999
gnc-test-env in GnuCash 2.3.15 and earlier places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...
CVE-2010-3996
festivalserver in Centre for Speech Technology Research CSTR Festival, probably 2.0.95-beta and earlier, places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...
Directory traversal
festivalserver in Centre for Speech Technology Research CSTR Festival, probably 2.0.95-beta and earlier, places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...
Directory traversal
gnc-test-env in GnuCash 2.3.15 and earlier places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...
CVE-2010-3996
festivalserver in Centre for Speech Technology Research CSTR Festival, probably 2.0.95-beta and earlier, places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...
PT-2010-5231 · Gromacs Development Team · Gromacs
Name of the Vulnerable Software and Affected Versions: Gromacs versions 4.5.1 and earlier Description: The issue allows local users to gain privileges via a Trojan horse shared library in the current working directory. This is due to GMXRC.bash placing a zero-length directory name in the LD LIBRA...
Mandriva Linux Security Advisory : mozilla-thunderbird (MDVSA-2010:211)
Security issues were identified and fixed in mozilla-thunderbird : The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly set the minimum key length for Diffie-Hellman Ephemeral...
CVE-2010-3182
A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan hor...
Directory traversal
A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan hor...