CVE-2010-3996

festivalserver in Centre for Speech Technology Research CSTR Festival, probably 2.0.95-beta and earlier, places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

CVE-2010-3996

festivalserver in Centre for Speech Technology Research CSTR Festival, probably 2.0.95-beta and earlier, places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

CVE-2010-3996

The CVE-2010-3996 issue affects Festival Server (CSTR Festival), probably in versions up to 2.0.95-beta and earlier. The root cause is an unsafe LD_LIBRARY_PATH implementation that places a zero-length directory name, enabling a local attacker to load a Trojan horse shared library from the curren...

CVE-2010-3996

festivalserver in Centre for Speech Technology Research CSTR Festival, probably 2.0.95-beta and earlier, places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

openSUSE Security Update : festival (openSUSE-SU-2010:0756-1)

festivalserver uses an unsafe LDLIBRARYPATH. Local users could exploit that to execute code as another user if that user runs festivalserver. CVE-2010-3996 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...