CVE-2010-3364

EPSS 0.14%

發布日:2010/10/20修改日:2026/4/28

也稱為:DEBIAN-CVE-2010-3364

描述

The vips-7.22 script in VIPS 7.22.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

受影響套件(1)

Debian/vipsfrom 0, < 7.14.5-2

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2010-3364