CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2010-3378

The (1) scilab, (2) scilab-cli, and (3) scilab-adv-cli scripts in Scilab 5.2.2 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 19.3%

CVSS Severity

CVSS v2 Score 6.9

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598422
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598423
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598422
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598423

Products affected by CVE-2010-3378

Scilab » Scilab » Version: 5.2.2

cpe:2.3:a:scilab:scilab:5.2.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-3378

Products

Pricing

Contact Us