soffice in OpenOffice.org (OOo) 3.x prior to 3.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache openoffice |
||
canonical ubuntu linux 8.04 |
||
canonical ubuntu linux 9.10 |
||
canonical ubuntu linux 10.04 |
||
canonical ubuntu linux 10.10 |
||
debian debian linux 5.0 |
||
debian debian linux 6.0 |