Vulnerabilities > CVE-2010-3358 - Unspecified vulnerability in Henner Zeller Henplus 0.9.7

047910
CVSS 6.9 - MEDIUM
Attack vector
LOCAL
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE

Summary

HenPlus JDBC SQL-Shell 0.9.7 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

Vulnerable Configurations

Part Description Count
Application
Henner_Zeller
1