Untrusted search path vulnerability in Catfish through 0.4.0.3, when a Fedora package such as 0.4.0.2-2 is not used, allows local users to gain privileges via a Trojan horse catfish.pyc in the current working directory.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Catfish | Catfish_project | 0.4.0 (including) | 0.4.0 (including) |
Catfish | Catfish_project | 0.4.0.1 (including) | 0.4.0.1 (including) |
Catfish | Catfish_project | 0.4.0.2 (including) | 0.4.0.2 (including) |
Catfish | Catfish_project | 0.4.0.3 (including) | 0.4.0.3 (including) |