4 matches found
elinks tries to load .po files from a non-absolute path
Untrusted search path vulnerability in the addfilenametostring function in intl/gettext/loadmsgcat.c for Elinks 0.11.1 allows local users to cause Elinks to use an untrusted gettext message catalog .po file in a "../po" directory, which can be leveraged to conduct format string attacks...
Ubuntu Update for elinks vulnerability USN-457-1
Ubuntu Update for Linux kernel vulnerabilities USN-457-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4571.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for elinks vulnerability USN-457-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...
Ubuntu 6.06 LTS / 6.10 / 7.04 : elinks vulnerability (USN-457-1)
Arnaud Giersch discovered that elinks incorrectly attempted to load gettext catalogs from a relative path. If a user were tricked into running elinks from a specific directory, a local attacker could execute code with user privileges. Note that Tenable Network Security has extracted the preceding...
USN-457-1: elinks vulnerability
Arnaud Giersch discovered that elinks incorrectly attempted to load gettext catalogs from a relative path. If a user were tricked into running elinks from a specific directory, a local attacker could execute code with user privileges...