CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
High
EPSS
Percentile
5.1%
Untrusted search path vulnerability in (1) reportbug 3.8 and 3.31, and (2) reportbug-ng before 0.2008.06.04, allows local users to execute arbitrary code via a malicious module file in the current working directory.
Vendor | Product | Version | CPE |
---|---|---|---|
reportbug-ng | reportbug | 3.8 | cpe:2.3:a:reportbug-ng:reportbug:3.8:*:*:*:*:*:*:* |
reportbug-ng | reportbug | 3.31 | cpe:2.3:a:reportbug-ng:reportbug:3.31:*:*:*:*:*:*:* |
reportbug-ng | reportbug-ng | 0.2007.03.10 | cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.03.10:*:*:*:*:*:*:* |
reportbug-ng | reportbug-ng | 0.2007.03.11 | cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.03.11:*:*:*:*:*:*:* |
reportbug-ng | reportbug-ng | 0.2007.03.13 | cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.03.13:*:*:*:*:*:*:* |
reportbug-ng | reportbug-ng | 0.2007.03.14 | cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.03.14:*:*:*:*:*:*:* |
reportbug-ng | reportbug-ng | 0.2007.03.15 | cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.03.15:*:*:*:*:*:*:* |
reportbug-ng | reportbug-ng | 0.2007.03.17 | cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.03.17:*:*:*:*:*:*:* |
reportbug-ng | reportbug-ng | 0.2007.03.19 | cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.03.19:*:*:*:*:*:*:* |
reportbug-ng | reportbug-ng | 0.2007.03.19.2 | cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.03.19.2:*:*:*:*:*:*:* |