Untrusted search path vulnerability in estaskwrapper in IBM OmniFind Enterprise Edition prior to 9.1 allows local users to gain privileges via an ES_LIBRARY_PATH environment variable and a modified PATH environment variable, which is used during execution of the estasklight program, a different vulnerability than CVE-2010-3895.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm omnifind 8.0 |
||
ibm omnifind 8.5 |
||
ibm omnifind |
||
ibm omnifind 8.4 |
||
ibm omnifind 6.1 |