CVE-2011-4355

Currently unrated

Key Information:

Vendor: Gnu
Status: Gdb
Vendor: CVE Published:; 5 March 2013

Summary

GNU Project Debugger (GDB) before 7.5, when .debug_gdb_scripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts.

References

http://rhn.redhat.com/errata/RHSA-2013-0522.html

vendor-advisoryx_refsource_REDHAT

http://sourceware.org/ml/gdb-patches/2011-04/msg00559.html

mailing-listx_refsource_MLIST

http://sourceware.org/ml/gdb-patches/2011-05/msg00202.html

mailing-listx_refsource_MLIST

Timeline

Vulnerability published
Mar 5, 2013
Vulnerability Reserved
Nov 4, 2011