CVE-2002-0512

3 documents3 sources

Severity

4.6MEDIUM

EPSS

0.2%

top 63.59%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Caldera Openlinux Server Caldera Openlinux Workstation

Timeline

PublishedAug 12

Latest updateApr 30

Description

startkde in KDE for Caldera OpenLinux 2.3 through 3.1.1 sets the LD_LIBRARY_PATH environment variable to include the current working directory, which could allow local users to gain privileges of other users running startkde via Trojan horse libraries.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages2 packages

▶NVDcaldera/openlinux_server3.1.1

▶NVDcaldera/openlinux_workstation3.1.1

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-49fm-cm32-q45w: startkde in KDE for Caldera OpenLinux 2↗2022-04-30

▶

CVEList

CVE-2002-0512: startkde in KDE for Caldera OpenLinux 2↗2003-04-02

▶