Back to search
CVE-2010-4167
Published: Nov 22, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCORE_INSTALLED_SUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration file in the current working directory.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
42497
third-party-advisory
x_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=652860
x_refsource_CONFIRM
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601824
x_refsource_CONFIRM
USN-1028-1
vendor-advisory
x_refsource_UBUNTU
[oss-security] 20101115 Re: CVE request: ImageMagick opens config files in $CWD
mailing-list
x_refsource_MLIST
42744
third-party-advisory
x_refsource_SECUNIA
49063
third-party-advisory
x_refsource_SECUNIA
http://www.imagemagick.org/script/changelog.php
x_refsource_CONFIRM
45044
vdb-entry
x_refsource_BID
FEDORA-2010-19025
vendor-advisory
x_refsource_FEDORA
ADV-2010-3322
vdb-entry
x_refsource_VUPEN
ADV-2010-3150
vdb-entry
x_refsource_VUPEN
FEDORA-2010-19056
vendor-advisory
x_refsource_FEDORA
RHSA-2012:0544
vendor-advisory
x_refsource_REDHAT
[oss-security] 20101112 CVE request: ImageMagick opens config files in $CWD
mailing-list
x_refsource_MLIST
48100
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now