Vulnerability Details CVE-2002-0512
startkde in KDE for Caldera OpenLinux 2.3 through 3.1.1 sets the LD_LIBRARY_PATH environment variable to include the current working directory, which could allow local users to gain privileges of other users running startkde via Trojan horse libraries.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 21.0%
CVSS Severity
CVSS v2 Score 4.6
References
- http://www.calderasystems.com/support/security/advisories/CSSA-2002-005.0.txt
- http://www.iss.net/security_center/static/8737.php
- http://www.securityfocus.com/bid/4400
- http://www.calderasystems.com/support/security/advisories/CSSA-2002-005.0.txt
- http://www.iss.net/security_center/static/8737.php
- http://www.securityfocus.com/bid/4400
Products affected by CVE-2002-0512
-
cpe:2.3:a:caldera:openlinux_server:3.1.1
-
cpe:2.3:a:caldera:openlinux_workstation:3.1.1