CVE-2010-4236
published 2010-11-12CVE-2010-4236: Untrusted search path vulnerability in estaskwrapper in IBM OmniFind Enterprise Edition before 9.1 allows local users to gain privileges via an ES_LIBRARY_PATH…
medium6.9CVSS 3.1
AVLACMAuNCCICAC
EXPLOIT
Untrusted search path vulnerability in estaskwrapper in IBM OmniFind Enterprise Edition before 9.1 allows local users to gain privileges via an ES_LIBRARY_PATH environment variable and a modified PATH environment variable, which is used during execution of the estasklight program, a different vulnerability than CVE-2010-3895.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | omnifind | <= 9.0 | — |
| ibm | omnifind | — | — |
| ibm | omnifind | — | — |
| ibm | omnifind | — | — |
| ibm | omnifind | — | — |