CVE-2010-4159

Published: Nov 17, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

Untrusted search path vulnerability in metadata/loader.c in Mono 2.8 and earlier allows local users to gain privileges via a Trojan horse shared library in the current working directory.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/mono/mono/commit/8e890a3bf80a4620e417814dc14886b1bbd17625

x_refsource_CONFIRM

ADV-2010-3059

vdb-entry

x_refsource_VUPEN

[mono-patches] 20101012 [mono/mono] d3985be4: Search for dllimported shared libs in the base directory, not cwd.

mailing-list

x_refsource_MLIST

[oss-security] 20101110 Re: CVE request: mono loading shared libs from cwd

mailing-list

x_refsource_MLIST

MDVSA-2010:240

vendor-advisory

x_refsource_MANDRIVA

http://www.mono-project.com/Vulnerabilities#Mono_Runtime_Insecure_Native_Library_Loading

x_refsource_CONFIRM

42174

third-party-advisory

x_refsource_SECUNIA

https://bugzilla.novell.com/show_bug.cgi?id=641915

x_refsource_CONFIRM

44810

vdb-entry

x_refsource_BID

[oss-security] 20101110 Re: CVE request: mono loading shared libs from cwd

mailing-list

x_refsource_MLIST

[oss-security] 20101110 CVE request: mono loading shared libs from cwd

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2010-4159

Description

Affected Products

References