Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.9
CVSSv2

CVE-2010-3357

Published: 20/10/2010 Updated: 03/11/2010
CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4
VMScore: 614
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Gnome-subtitles

Vulnerability Summary

gnome-subtitles 1.0 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

Vulnerable Product Search on Vulmon Subscribe to Product

pedro castro gnome-subtitles 1.0

Vendor Advisories

Debian CVElist Bug Report Logs: gnome-subtitles: CVE-2010-3357: insecure library loading
Debian Bug report logs - #598289 gnome-subtitles: CVE-2010-3357: insecure library loading Package: gnome-subtitles; Maintainer for gnome-subtitles is Debian CLI Applications Team <pkg-cli-apps-team@listsaliothdebianorg>; Source for gnome-subtitles is src:gnome-subtitles (PTS, buildd, popcon) Reported by: Raphael Geissert ...

References

NVD-CWE-Otherhttp://git.gnome.org/browse/gnome-subtitles/commit/?id=44370dc2a87f7fa0d6c9730979514bd407a37c65http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598289http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049184.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-October/049288.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-October/049275.htmlhttp://secunia.com/advisories/41807https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598289https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040privilege escalationCVE-2024-4112CVE-2024-32872man-in-the-middleCVE-2024-32788bypassCVE-2024-3400CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook