CVE Vulnerabilities

CVE-2008-2366

Published: Jun 16, 2008 | Modified: Sep 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.4 MEDIUM
AV:L/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
3.7 LOW
AV:L/AC:H/Au:N/C:P/I:P/A:P
RedHat/V3
Ubuntu

Untrusted search path vulnerability in a certain Red Hat build script for OpenOffice.org (OOo) 1.1.x on Red Hat Enterprise Linux (RHEL) 3 and 4 allows local users to gain privileges via a malicious library in the current working directory, related to incorrect quoting of the ORIGIN symbol for use in the RPATH library path.

Affected Software

Name Vendor Start Version End Version
Red Hat Enterprise Linux 3 RedHat openoffice.org-0:1.1.2-42.2.0.EL3 *
Red Hat Enterprise Linux 4 RedHat openoffice.org-0:1.1.5-10.6.0.5.EL4 *

References