125 matches found
CVE-2010-3364
The vips-7.22 script in VIPS 7.22.2 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...
CVE-2010-3364
VIPS (image processing library) vulnerability CVE-2010-3364 affects VIPS up to 7.22.x, where a zero-length directory name placed in LD_LIBRARY_PATH may cause the current directory to be searched for dynamic libraries, enabling local privilege escalation. Gentoo GLSA 201401-29 cites that upgrading...
CVE-2010-3364
The vips-7.22 script in VIPS 7.22.2 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...
Security fix for the ALT Linux 5 package vips version 7.22.4-alt0.M50P.1
Oct. 19, 2010 Andrey Cherepanov 7.22.4-alt0.M50P.1 - backport to p5 branch fixed CVE-2010-3364...
Security fix for the ALT Linux 5 package vips version 7.22.3-alt1
Oct. 16, 2010 Michael Shigorin 7.22.3-alt1 - 7.22.3 fixes CVE-2010-3364 insecure library loading; thanks crux@ for heads-up closes: 24330...