CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
5.1%
Untrusted search path vulnerability in CMake before 2.2.0-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH.
Vendor | Product | Version | CPE |
---|---|---|---|
kitware | cmake | 1.4.3 | cpe:2.3:a:kitware:cmake:1.4.3:*:*:*:*:*:*:* |
kitware | cmake | 1.4.4 | cpe:2.3:a:kitware:cmake:1.4.4:*:*:*:*:*:*:* |
kitware | cmake | 1.4.5 | cpe:2.3:a:kitware:cmake:1.4.5:*:*:*:*:*:*:* |
kitware | cmake | 1.4.6 | cpe:2.3:a:kitware:cmake:1.4.6:*:*:*:*:*:*:* |
kitware | cmake | 1.4.7 | cpe:2.3:a:kitware:cmake:1.4.7:*:*:*:*:*:*:* |
kitware | cmake | 1.6.0 | cpe:2.3:a:kitware:cmake:1.6.0:*:*:*:*:*:*:* |
kitware | cmake | 1.6.0_beta1 | cpe:2.3:a:kitware:cmake:1.6.0_beta1:*:*:*:*:*:*:* |
kitware | cmake | 1.6.0_beta2 | cpe:2.3:a:kitware:cmake:1.6.0_beta2:*:*:*:*:*:*:* |
kitware | cmake | 1.6.1 | cpe:2.3:a:kitware:cmake:1.6.1:*:*:*:*:*:*:* |
kitware | cmake | 1.6.2 | cpe:2.3:a:kitware:cmake:1.6.2:*:*:*:*:*:*:* |