CVE-2005-4791

7 documents7 sources

Severity

2.1LOW

EPSS

0.2%

top 64.18%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Novell Suse Linux

Timeline

PublishedDec 31

Latest updateMay 1

Description

Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) liferea or (2) banshee.

CVSS vector

AV:L/AC:L/C:N/I:P/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages3 packages

▶NVDnovell/suse_linux10.0

▶Debianliferea< 1.4.9-1+3

▶Debianbeagle< 0.2.13-1+3

Patches

Patch: www.novell.com ↗Patch: www.novell.com ↗

🔴Vulnerability Details

GHSA

GHSA-53f4-27hf-367h: Multiple untrusted search path vulnerabilities in SUSE Linux 10↗2022-05-01

▶

CVEList

CVE-2005-4791: Multiple untrusted search path vulnerabilities in SUSE Linux 10↗2006-04-26

▶

OSV

CVE-2005-4791: Multiple untrusted search path vulnerabilities in SUSE Linux 10↗2005-12-31

▶

📋Vendor Advisories

Debian

CVE-2005-4791: beagle - Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 cause the work...↗2005

▶

Red Hat

liferea uses insecure LD_LIBRARY_PATH↗

▶

💬Community

Bugzilla

CVE-2005-4791 liferea uses insecure LD_LIBRARY_PATH↗2007-11-20

▶