Untrusted Search Path Vulnerability in XnView and NView on Gentoo Linux
CVE-2005-4595

Currently unrated

Key Information:

Vendor: Gentoo
Status: Nview; Xnview
Vendor: CVE Published:; 31 December 2005

What is CVE-2005-4595?

The vulnerability allows local users on Gentoo Linux to exploit an untrusted search path in XnView 1.70 and NView 4.51, enabling them to execute arbitrary code by placing a malicious library in the current working directory. This flaw can be particularly dangerous, as it provides a pathway for attackers to gain unauthorized access to system resources or sensitive data.

References

http://bugs.gentoo.org/show_bug.cgi?id=117063

x_refsource_MISC

http://www.osvdb.org/22093

vdb-entryx_refsource_OSVDB

http://www.osvdb.org/22094

vdb-entryx_refsource_OSVDB

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Jan 1, 2006
Vulnerability published
Dec 31, 2005