Description
Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) liferea or (2) banshee.
Affected products
- Novell / suse_linux10.0 – 10.0
References
- MISChttp://osvdb.org/39580
- MISChttp://www.securityfocus.com/bid/15040
- VENDOR_ADVISORYhttp://secunia.com/advisories/27771
- MISChttp://sourceforge.net/project/shownotes.php?release_id=555823&group_id=87005
- VENDOR_ADVISORYhttp://www.novell.com/linux/security/advisories/2005_22_sr.html
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2007/3965