Untrusted search path vulnerability in plugins/abrt-action-install-debuginfo-to-abrt-cache.c in Automatic Bug Reporting Tool (ABRT) 2.0.9 and earlier allows local users to load and execute arbitrary Python modules by modifying the PYTHONPATH environment variable to reference a malicious Python module.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Automatic_bug_reporting_tool | Redhat | 2.0.6 | 2.0.6 |
Automatic_bug_reporting_tool | Redhat | 2.0.4.981 | 2.0.4.981 |
Automatic_bug_reporting_tool | Redhat | 2.0.8 | 2.0.8 |
Automatic_bug_reporting_tool | Redhat | * | 2.0.9 |
Automatic_bug_reporting_tool | Redhat | 2.0.5 | 2.0.5 |
Automatic_bug_reporting_tool | Redhat | 2.0.2 | 2.0.2 |
Automatic_bug_reporting_tool | Redhat | 2.0.7 | 2.0.7 |
Automatic_bug_reporting_tool | Redhat | 2.0.4.980 | 2.0.4.980 |
Automatic_bug_reporting_tool | Redhat | 2.0.1 | 2.0.1 |
Automatic_bug_reporting_tool | Redhat | 2.0.0 | 2.0.0 |
Automatic_bug_reporting_tool | Redhat | 2.0.4 | 2.0.4 |
Automatic_bug_reporting_tool | Redhat | 2.0.3 | 2.0.3 |