CVE-2005-4280

Untrusted search path vulnerability in CMake before 2.2.0-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH.

Affected Software

Name	Vendor	Start Version	End Version
Cmake	Kitware	1.4.3 (including)	1.4.3 (including)
Cmake	Kitware	1.4.4 (including)	1.4.4 (including)
Cmake	Kitware	1.4.5 (including)	1.4.5 (including)
Cmake	Kitware	1.4.6 (including)	1.4.6 (including)
Cmake	Kitware	1.4.7 (including)	1.4.7 (including)
Cmake	Kitware	1.6.0 (including)	1.6.0 (including)
Cmake	Kitware	1.6.0_beta1 (including)	1.6.0_beta1 (including)
Cmake	Kitware	1.6.0_beta2 (including)	1.6.0_beta2 (including)
Cmake	Kitware	1.6.1 (including)	1.6.1 (including)
Cmake	Kitware	1.6.2 (including)	1.6.2 (including)
Cmake	Kitware	1.6.3 (including)	1.6.3 (including)
Cmake	Kitware	1.6.4 (including)	1.6.4 (including)
Cmake	Kitware	1.6.5 (including)	1.6.5 (including)
Cmake	Kitware	1.6.6 (including)	1.6.6 (including)
Cmake	Kitware	1.6.7 (including)	1.6.7 (including)
Cmake	Kitware	1.8.0 (including)	1.8.0 (including)
Cmake	Kitware	1.8.1 (including)	1.8.1 (including)
Cmake	Kitware	1.8.2 (including)	1.8.2 (including)
Cmake	Kitware	1.8.3 (including)	1.8.3 (including)
Cmake	Kitware	2.0.0 (including)	2.0.0 (including)
Cmake	Kitware	2.0.1 (including)	2.0.1 (including)
Cmake	Kitware	2.0.2 (including)	2.0.2 (including)
Cmake	Kitware	2.0.3 (including)	2.0.3 (including)
Cmake	Kitware	2.0.4 (including)	2.0.4 (including)
Cmake	Kitware	2.0.5 (including)	2.0.5 (including)
Cmake	Kitware	2.0.6 (including)	2.0.6 (including)
Cmake	Kitware	2.2.0 (including)	2.2.0 (including)

NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-4280
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

Affected Software

References