Vulnerabilities

CVE-2010-3998

by Fred · 05/11/2010

The (1) banshee-1 and (2) muinshee scripts in Banshee 1.8.0 and earlier place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: Banshee might also be affected using GST_PLUGIN_PATH.

Date published : 2010-11-05

http://www.securityfocus.com/bid/44752

http://download.banshee.fm/banshee/unstable/1.9.0/banshee-1-1.9.0.news

Similar

Tags: Cybersecurity Alert