CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
5.1%
Untrusted search path vulnerability in the Gentoo package of Xpdf before 3.02-r2 allows local users to gain privileges via a Trojan horse xpdfrc file in the current working directory, related to an unset SYSTEM_XPDFRC macro in a Gentoo build process that uses the poppler library.
Vendor | Product | Version | CPE |
---|---|---|---|
foolabs | xpdf | 0.5a | cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:* |
foolabs | xpdf | 0.7a | cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:* |
foolabs | xpdf | 0.91a | cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:* |
foolabs | xpdf | 0.91b | cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:* |
foolabs | xpdf | 0.91c | cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:* |
foolabs | xpdf | 0.92a | cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:* |
foolabs | xpdf | 0.92b | cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:* |
foolabs | xpdf | 0.92c | cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:* |
foolabs | xpdf | 0.92d | cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:* |
foolabs | xpdf | 0.92e | cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:* |