CVE-2006-6474

Currently unrated

Key Information:

Vendor: Mcafee
Status: Virusscan
Vendor: CVE Published:; 14 December 2006

Summary

Untrusted search path vulnerability in McAfee VirusScan for Linux 4510e and earlier includes the current working directory in the DT_RPATH environment variable, which allows local users to load arbitrary ELF DSO libraries and execute arbitrary code by installing malicious libraries in that directory.

References

http://secunia.com/advisories/23429

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/30898

vdb-entryx_refsource_XF

http://secunia.com/advisories/23278

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Dec 14, 2006
Vulnerability Reserved
Dec 11, 2006