Untrusted Search Path Vulnerability in Epiphany by GNOME
CVE-2008-5985

Currently unrated

Key Information:

Vendor: Gnome
Status: Epiphany
Vendor: CVE Published:; 28 January 2009

Summary

The untrusted search path vulnerability in the Python interface of Epiphany allows local users to execute arbitrary code. By leveraging a Trojan horse Python file located in the current working directory, an attacker can potentially manipulate the application's behavior due to the flaws associated with the PySys_SetArgv function. This security issue emphasizes the importance of proper path handling to prevent unauthorized code execution.

References

http://www.securityfocus.com/bid/33441

vdb-entryx_refsource_BID

http://www.mandriva.com/security/advisories?name=MDVSA-20...

vendor-advisoryx_refsource_MANDRIVA

http://secunia.com/advisories/34187

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Jan 28, 2009
Vulnerability Reserved
Jan 27, 2009