Vulnerabilities > CVE-2010-3378 - Unspecified vulnerability in Scilab 5.2.2
Attack vector
LOCAL Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE local
scilab
Summary
The (1) scilab, (2) scilab-cli, and (3) scilab-adv-cli scripts in Scilab 5.2.2 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |