Lucene search

K
ubuntucveUbuntu.comUB:CVE-2012-0883
HistoryApr 18, 2012 - 12:00 a.m.

CVE-2012-0883

2012-04-1800:00:00
ubuntu.com
ubuntu.com
32

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

12.8%

envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a
zero-length directory name in the LD_LIBRARY_PATH, which allows local users
to gain privileges via a Trojan horse DSO in the current working directory
during execution of apachectl.

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

12.8%