CVE-2005-4791
published 2005-12-31CVE-2005-4791: Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to…
PriorityP412low2.1CVSS 2.0
AVLACLAuNCNIPAN
EPSS
0.44%
35.4th percentile
Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) liferea or (2) banshee.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| beagle_project | beagle | >= 0 < 0.2.13-1 | 0.2.13-1 |
| beagle_project | beagle | >= 0 < 0.2.13-1 | 0.2.13-1 |
| beagle_project | beagle | >= 0 < 0.2.13-1 | 0.2.13-1 |
| beagle_project | beagle | >= 0 < 0.2.13-1 | 0.2.13-1 |
| debian | beagle | < beagle 0.2.13-1 (bookworm) | beagle 0.2.13-1 (bookworm) |
| debian | liferea | < beagle 0.2.13-1 (bookworm) | beagle 0.2.13-1 (bookworm) |
| liferea_project | liferea | >= 0 < 1.4.9-1 | 1.4.9-1 |
| liferea_project | liferea | >= 0 < 1.4.9-1 | 1.4.9-1 |
| liferea_project | liferea | >= 0 < 1.4.9-1 | 1.4.9-1 |
| liferea_project | liferea | >= 0 < 1.4.9-1 | 1.4.9-1 |
| novell | suse_linux | — | — |
CVSS provenance
nvdv2.02.1LOWAV:L/AC:L/Au:N/C:N/I:P/A:N
osv2.1LOW
vendor_debian2.1LOW
vendor_redhat2.1LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-53f4-27hf-367h: Multiple untrusted search path vulnerabilities in SUSE Linux 10
ghsa_unreviewed·2022-05-01
CVE-2005-4791 [LOW] GHSA-53f4-27hf-367h: Multiple untrusted search path vulnerabilities in SUSE Linux 10
Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) liferea or (2) banshee.
OSV
CVE-2005-4791: Multiple untrusted search path vulnerabilities in SUSE Linux 10
osv·2005-12-31·CVSS 2.1
CVE-2005-4791 [LOW] CVE-2005-4791: Multiple untrusted search path vulnerabilities in SUSE Linux 10
Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) liferea or (2) banshee.
Debian
CVE-2005-4791: beagle - Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 cause the work...
vendor_debian·2005·CVSS 2.1
CVE-2005-4791 [LOW] CVE-2005-4791: beagle - Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 cause the work...
Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) liferea or (2) banshee.
Scope: local
bookworm: resolved (fixed in 0.2.13-1)
bullseye: resolved (fixed in 0.2.13-1)
forky: resolved (fixed in 0.2.13-1)
sid: resolved (fixed in 0.2.13-1)
trixie: resolved (fixed in 0.2.13-1)
Red Hat
liferea uses insecure LD_LIBRARY_PATH
vendor_redhat·CVSS 2.1
CVE-2005-4791 [LOW] liferea uses insecure LD_LIBRARY_PATH
liferea uses insecure LD_LIBRARY_PATH
Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) liferea or (2) banshee.
No detection rules found.
No public exploits indexed.
http://osvdb.org/39580http://secunia.com/advisories/27771http://sourceforge.net/project/shownotes.php?release_id=555823&group_id=87005http://www.novell.com/linux/security/advisories/2005_22_sr.htmlhttp://www.securityfocus.com/bid/15040http://www.vupen.com/english/advisories/2007/3965http://osvdb.org/39580http://secunia.com/advisories/27771http://sourceforge.net/project/shownotes.php?release_id=555823&group_id=87005http://www.novell.com/linux/security/advisories/2005_22_sr.htmlhttp://www.securityfocus.com/bid/15040http://www.vupen.com/english/advisories/2007/3965
2005-12-31
Published