Untrusted Search Path Weakness in GTK+ Affects Local User Privileges
CVE-2010-4831

Currently unrated

Key Information:

Vendor: Gnome
Status: Gtk
Vendor: CVE Published:; 6 September 2011

What is CVE-2010-4831?

The vulnerability identified in GTK+ prior to version 2.21.8 relates to an untrusted search path that allows local users to exploit the system. By placing a malicious Wintab32.dll in the current working directory, attackers can gain elevated privileges on the system. This weakness can lead to unauthorized actions and compromise system integrity. Users and administrators are advised to update to the latest version of GTK+ to mitigate the risk associated with this vulnerability.

References

http://www.securityfocus.com/bid/49449

vdb-entryx_refsource_BID

http://git.gnome.org/browse/gtk+/commit/gdk/win32/gdkinpu...

x_refsource_CONFIRM

http://jvn.jp/en/jp/JVN58019849/index.html

third-party-advisoryx_refsource_JVN

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Sep 6, 2011

Gnome

What is CVE-2010-4831?

References

Timeline