cbcvebase.
CVE-2009-3736
published 2009-11-29

CVE-2009-3736: ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la…

PriorityP420medium6.9CVSS 2.0
AVLACMAuNCCICAC
EPSS
0.39%
31.3th percentile
ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file.

Affected

80 ranges· showing 25
VendorProductVersion rangeFixed in
clamavclamav>= 0 < 0.95+dfsg-10.95+dfsg-1
clamavclamav>= 0 < 0.95+dfsg-10.95+dfsg-1
clamavclamav>= 0 < 0.95+dfsg-10.95+dfsg-1
clamavclamav>= 0 < 0.95+dfsg-10.95+dfsg-1
collectdcollectd>= 0 < 4.8.2-14.8.2-1
collectdcollectd>= 0 < 4.8.2-14.8.2-1
collectdcollectd>= 0 < 4.8.2-14.8.2-1
collectdcollectd>= 0 < 4.8.2-14.8.2-1
debianbochs< clamav 0.95+dfsg-1 (bookworm)clamav 0.95+dfsg-1 (bookworm)
debianclamav< clamav 0.95+dfsg-1 (bookworm)clamav 0.95+dfsg-1 (bookworm)
debiancollectd< clamav 0.95+dfsg-1 (bookworm)clamav 0.95+dfsg-1 (bookworm)
debianggobi< clamav 0.95+dfsg-1 (bookworm)clamav 0.95+dfsg-1 (bookworm)
debiangnu-smalltalk< clamav 0.95+dfsg-1 (bookworm)clamav 0.95+dfsg-1 (bookworm)
debiangraphicsmagick< clamav 0.95+dfsg-1 (bookworm)clamav 0.95+dfsg-1 (bookworm)
debiangraphviz< clamav 0.95+dfsg-1 (bookworm)clamav 0.95+dfsg-1 (bookworm)
debianhamlib< clamav 0.95+dfsg-1 (bookworm)clamav 0.95+dfsg-1 (bookworm)
debianheartbeat< clamav 0.95+dfsg-1 (bookworm)clamav 0.95+dfsg-1 (bookworm)
debianhercules< clamav 0.95+dfsg-1 (bookworm)clamav 0.95+dfsg-1 (bookworm)
debianhypre< clamav 0.95+dfsg-1 (bookworm)clamav 0.95+dfsg-1 (bookworm)
debianimagemagick< clamav 0.95+dfsg-1 (bookworm)clamav 0.95+dfsg-1 (bookworm)
debianjags< clamav 0.95+dfsg-1 (bookworm)clamav 0.95+dfsg-1 (bookworm)
debianlam< clamav 0.95+dfsg-1 (bookworm)clamav 0.95+dfsg-1 (bookworm)
debianlibextractor< clamav 0.95+dfsg-1 (bookworm)clamav 0.95+dfsg-1 (bookworm)
debianlibmcrypt< clamav 0.95+dfsg-1 (bookworm)clamav 0.95+dfsg-1 (bookworm)
debianlibprelude< clamav 0.95+dfsg-1 (bookworm)clamav 0.95+dfsg-1 (bookworm)

CVSS provenance

nvdv2.06.9MEDIUMAV:L/AC:M/Au:N/C:C/I:C/A:C
osv6.9MEDIUM
vendor_debian6.9LOW
vendor_redhat6.9MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.