CVE-2002-0512

startkde in KDE for Caldera OpenLinux 2.3 through 3.1.1 sets the LD_LIBRARY_PATH environment variable to include the current working directory, which could allow local users to gain privileges of other users running startkde via Trojan horse libraries.

Score4.6
Access VectorLOCAL
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactPARTIAL
Integrity ImpactPARTIAL
Availability ImpactPARTIAL
Published2002-08-12 12:00:00.000-04
Last Modified2008-09-05 04:28:13.000-04

Vulnerable Software List

VendorProductVersions
Caldera Openlinux Workstation 3.1.1
Caldera Openlinux Server 3.1.1

References

SourceLink
CALDERACSSA-2002-005.0
XFkde-startkde-search-directory(8737)
BID4400