Computer Security
[EN] securityvulns.ru no-pyccku


xpdf code execution
Published:08.04.2009
Source:
SecurityVulns ID:9804
Type:local
Threat Level:
4/10
Description:xpdfrc file from current location may be processed.
Affected:XPDF : xpdf 3.02
CVE:CVE-2009-1144 (Untrusted search path vulnerability in the Gentoo package of Xpdf before 3.02-r2 allows local users to gain privileges via a Trojan horse xpdfrc file in the current working directory, related to an unset SYSTEM_XPDFRC macro in a Gentoo build process that uses the poppler library.)
Original documentdocumentGENTOO, [ GLSA 200904-07 ] Xpdf: Untrusted search path (08.04.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod