Lucene search
Ubuntu.comUB:CVE-2005-3346HistoryNov 20, 2005 - 12:00 a.m.
CVE-2005-3346
2005-11-2000:00:00
ubuntu.com
ubuntu.com
10
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
0.4%
Buffer overflow in the environment variable substitution code in main.c in
OSH 1.7-14 allows local users to inject arbitrary environment variables,
such as LD_PRELOAD, via pathname arguments of the form “$VAR/EVAR=arg”,
which cause the EVAR portion to be appended to a buffer returned by a
getenv function call.
Related
cve
cve
CVE-2005-3346
2005-11-20 21:03:00
CVE-2005-3347
2005-11-18 02:02:00
osv
osv
osh - programming error
2005-12-09 00:00:00
nessus
nessus
Debian DSA-918-1 : osh - programming error
2006-10-14 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-918-1)
2008-01-17 00:00:00
ubuntucve
ubuntucve
CVE-2005-3347
2005-11-18 00:00:00
debiancve
debiancve
CVE-2005-3347
2005-11-18 02:02:00
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
0.4%
Related for UB:CVE-2005-3346