CVE-2011-0458

Description

Untrusted search path vulnerability in the Locate on Disk feature in Google Picasa before 3.8 allows local users to gain privileges via a Trojan horse executable file in the current working directory.

Affected products

• Google / picasa3.6

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/66295
• VENDOR_ADVISORYhttp://secunia.com/advisories/43853
• MISChttp://www.securityfocus.com/bid/47031
• VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2011/0766
• MISChttp://jvn.jp/en/jp/JVN99977321/index.html
• MISChttp://osvdb.org/71281
• MISChttp://jvndb.jvn.jp/jvndb/JVNDB-2011-000022