Vulnerability Details CVE-2010-2929
Untrusted search path vulnerability in hsolinkcontrol in hsolink 1.0.118 allows local users to gain privileges via a modified PATH environment variable, which is used during execution of the (1) route, (2) mv, and (3) cp programs, a different vulnerability than CVE-2010-1671.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 18.8%
CVSS Severity
CVSS v2 Score 7.2
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590670
- http://ftp.de.debian.org/debian/pool/main/h/hsolink/hsolink_1.0.118.orig.tar.gz
- http://osvdb.org/66837
- https://exchange.xforce.ibmcloud.com/vulnerabilities/60877
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590670
- http://ftp.de.debian.org/debian/pool/main/h/hsolink/hsolink_1.0.118.orig.tar.gz
- http://osvdb.org/66837
- https://exchange.xforce.ibmcloud.com/vulnerabilities/60877