CVE-2010-3366 - CERT CVE

  1. CVE-2010-3366

ID CVE-2010-3366
Sažetak Mn_Fit 5.13 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Reference
CVSS
Base: 6.9
Impact: 10.0
Exploitability:3.4
Pristup
VektorSloženostAutentikacija
LOCAL MEDIUM NONE
Impact
PovjerljivostCjelovitostDostupnost
COMPLETE COMPLETE COMPLETE
CVSS vektor AV:L/AC:M/Au:N/C:C/I:C/A:C
Zadnje važnije ažuriranje 21-10-2010 - 20:15
Objavljeno 20-10-2010 - 18:00