CVE-2010-3689
CVE-2010-3689
soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://osvdb.org/70716https://bugzilla.redhat.com/show_bug.cgi?id=641224http://secunia.com/advisories/40775http://secunia.com/advisories/42999http://secunia.com/advisories/43065http://secunia.com/advisories/43105http://secunia.com/advisories/60799http://ubuntu.com/usn/usn-1056-1http://www.debian.org/security/2011/dsa-2151http://www.gentoo.org/security/en/glsa/glsa-201408-19.xmlhttp://www.mandriva.com/security/advisories?name=MDVSA-2011:027http://www.openoffice.org/security/cves/CVE-2010-3689.html