PT-2024-33216 · Wanxing Technology · Wanxing Technology Yitu Project Management Kirin Edition

Name of the Vulnerable Software and Affected Versions: Wanxing Technology Yitu Project Management Kirin Edition version 2.3.6 Description: The issue allows a remote attacker to execute arbitrary code via a specially constructed so file in /opt/EdrawProj-2/plugins/imageformat. This enables the...

SUSE CVE-2010-3847

elf/dl-load.c in ld.so in the GNU C Library aka glibc or libc6 through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LDAUDIT environment variable, which allows local users to gain privileges via a crafted dynamic shared object DSO located in an arbitrary...

glibc: ld.so insecure handling of $ORIGIN in LD_AUDIT for setuid/setgid programs

elf/dl-load.c in ld.so in the GNU C Library aka glibc or libc6 through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LDAUDIT environment variable, which allows local users to gain privileges via a crafted dynamic shared object DSO located in an arbitrary...