CVE-2009-3736

Currently unrated

Key Information:

Vendor: Gnu
Status: Libtool
Vendor: CVE Published:; 29 November 2009

Summary

ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file.

References

http://security.gentoo.org/glsa/glsa-201311-10.xml

vendor-advisoryx_refsource_GENTOO

http://www.mandriva.com/security/advisories?name=MDVSA-20...

vendor-advisoryx_refsource_MANDRIVA

http://lists.fedoraproject.org/pipermail/package-announce...

vendor-advisoryx_refsource_FEDORA

Timeline

Vulnerability published
Nov 29, 2009
Vulnerability Reserved
Oct 22, 2009