CVE-2006-7151 - Untrusted search path vulnerability in the libtool-ltdl library (libltdl.so) 1.5.22-2.3 in Fedora Co

CVE-2006-7151

Summary

Untrusted search path vulnerability in the libtool-ltdl library (libltdl.so) 1.5.22-2.3 in Fedora Core 5 might allow local users to execute arbitrary code via a malicious library in the (1) hwcap, (2) 0, and (3) nosegneg subdirectories.

References

Vulnerable Configurations

cpe:2.3:o:redhat:fedora_core:core_5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:fedora_core:core_5.0:*:*:*:*:*:*:*
cpe:2.3:a:gnu:libtool-ltdl:1.5.22-2.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:libtool-ltdl:1.5.22-2.3:*:*:*:*:*:*:*

CVSS

Base:	6.6 (as of 16-10-2018 - 16:29)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	MEDIUM	SINGLE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:M/Au:S/C:C/I:C/A:C

refmap via4

bid	20434
bugtraq	20061010 [Fedora] libtool-ltdl uses relative paths to resolve and load libraries
confirm	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=209930
sreason	2378

Last major update

16-10-2018 - 16:29

Published

07-03-2007 - 20:19

Last modified

16-10-2018 - 16:29