CVE-2005-4790
Published: 31 December 2005
Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0, and possibly other distributions, cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) beagle, (2) tomboy, or (3) blam. NOTE: in August 2007, the tomboy vector was reported for other distributions.
Notes
Author | Note |
---|---|
jdstrand | bug has debdiffs upstream 0.9.1 does not contain the vulnerable code |