CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-5327

Untrusted search path vulnerability in OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earlier and possibly other products, allows local users to execute arbitrary code via a modified PATH that references a malicious gzip program, which is executed by gnutar with certain TAR_OPTIONS environment variable settings, when gnutar is invoked by OpenBase.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 23.9%

CVSS Severity

CVSS v2 Score 7.2

References

Products affected by CVE-2006-5327

Apple » Xcode » Version: N/A

cpe:2.3:a:apple:xcode:-
Apple » Xcode » Version: 1.5.0

cpe:2.3:a:apple:xcode:1.5.0
Apple » Xcode » Version: 2.0.0

cpe:2.3:a:apple:xcode:2.0.0
Apple » Xcode » Version: 2.1.0

cpe:2.3:a:apple:xcode:2.1.0
Openbase International Ltd » Openbase » Version: Any

cpe:2.3:a:openbase_international_ltd:openbase:*
Openbase International Ltd » Openbase » Version: 7.0.15

cpe:2.3:a:openbase_international_ltd:openbase:7.0.15
Openbase International Ltd » Openbase » Version: 8.0.4

cpe:2.3:a:openbase_international_ltd:openbase:8.0.4
Openbase International Ltd » Openbase » Version: 9.1.5

cpe:2.3:a:openbase_international_ltd:openbase:9.1.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-5327

Products

Pricing

Contact Us