CVE-2005-4791 - Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 cause the working directory to be

CVE-2005-4791

Summary

Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) liferea or (2) banshee.

References

http://osvdb.org/39580
http://secunia.com/advisories/27771
http://sourceforge.net/project/shownotes.php?release_id=555823&group_id=87005
http://www.novell.com/linux/security/advisories/2005_22_sr.html
http://www.securityfocus.com/bid/15040
http://www.vupen.com/english/advisories/2007/3965

Vulnerable Configurations

cpe:2.3:o:novell:suse_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:novell:suse_linux:10.0:*:*:*:*:*:*:*

CVSS

Base:	2.1 (as of 30-10-2018 - 16:25)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	PARTIAL	NONE

cvss-vector via4

AV:L/AC:L/Au:N/C:N/I:P/A:N

refmap via4

bid	15040
confirm	http://sourceforge.net/project/shownotes.php?release_id=555823&group_id=87005
osvdb	39580
secunia	27771
suse	SUSE-SR:2005:022
vupen	ADV-2007-3965

Last major update

30-10-2018 - 16:25

Published

31-12-2005 - 05:00

Last modified

30-10-2018 - 16:25