CVE-2007-4432

3 documents3 sources

Severity

4.6MEDIUM

EPSS

0.0%

top 89.53%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Novell Suse Linux Suse Suse Linux

Timeline

PublishedAug 20

Latest updateMay 1

Description

Untrusted search path vulnerability in the wrapper scripts for the (1) rug, (2) zen-updater, (3) zen-installer, and (4) zen-remover programs on SUSE Linux 10.1 and Enterprise 10 allows local users to gain privileges via modified (a) LD_LIBRARY_PATH and (b) MONO_GAC_PREFIX environment variables.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages2 packages

▶NVDsuse/suse_linux10

▶NVDnovell/suse_linux10.1

🔴Vulnerability Details

GHSA

GHSA-cjq5-93qv-57v9: Untrusted search path vulnerability in the wrapper scripts for the (1) rug, (2) zen-updater, (3) zen-installer, and (4) zen-remover programs on SUSE L↗2022-05-01

▶

CVEList

CVE-2007-4432: Untrusted search path vulnerability in the wrapper scripts for the (1) rug, (2) zen-updater, (3) zen-installer, and (4) zen-remover programs on SUSE L↗2007-08-20

▶