FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

epiphany -- untrusted search path vulnerability

Affected packages
epiphany < 2.24.2.1

Details

VuXML ID e848a92f-0e7d-11de-92de-000bcdc1757a
Discovery 2009-01-26
Entry 2009-03-11

CVE Mitre reports:

Untrusted search path vulnerability in the Python interface in Epiphany 2.22.3, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).

[source]

References

CVE Name CVE-2008-5983
CVE Name CVE-2008-5985

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.