CVE

Id
2905  
CVE No.
CVE-2001-0084  
Status
Candidate  
Description
GTK+ library allows local users to specify arbitrary modules via the GTK_MODULES environmental variable, which could allow local users to gain privileges if GTK+ is used by a setuid/setgid program.  
Phase
Proposed (20010202)  
Votes
ACCEPT(1) Baker | MODIFY(1) Frech | NOOP(5) Christey, Cole, Prosser, Wall, Ziese  
Comments
Frech> XF:gtk-module-execute-code(5832) | Christey> XF:gtk-module-execute-code | URL:http://xforce.iss.net/static/5832.php | Christey> TURBO:TLSA2001026 | URL:http://www.turbolinux.com/pipermail/tl-security-announce/2001-June/000440.html  

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
11856 2905 CVE-2001-0084 BUGTRAQ:20010102 gtk+ security hole.  View
11857 2905 CVE-2001-0084 URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0498.html  View
11858 2905 CVE-2001-0084 BUGTRAQ:20010103 Claimed vulnerability in GTK_MODULES  View
11859 2905 CVE-2001-0084 URL:http://archives.neohapsis.com/archives/bugtraq/2001-01/0027.html  View
11860 2905 CVE-2001-0084 BID:2165  View
11861 2905 CVE-2001-0084 URL:http://www.securityfocus.com/bid/2165  View

Related JVN