Vulnerability Description
lv reads a .lv file from the current working directory, which allows local users to execute arbitrary commands as other lv users by placing malicious .lv files into other directories.
CVSS Score
7.2
HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Lv | Lv | 4.49.1 |
| Redhat | Lv | 4.49.4-1 |
| Redhat | Linux | 7.1 |
References
- http://www.debian.org/security/2003/dsa-304PatchVendor Advisory
- http://www.redhat.com/support/errata/RHSA-2003-167.html
- http://www.redhat.com/support/errata/RHSA-2003-169.htmlPatchVendor Advisory
- http://www.turbolinux.com/security/TLSA-2003-35.txt
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://www.debian.org/security/2003/dsa-304PatchVendor Advisory
- http://www.redhat.com/support/errata/RHSA-2003-167.html
- http://www.redhat.com/support/errata/RHSA-2003-169.htmlPatchVendor Advisory
- http://www.turbolinux.com/security/TLSA-2003-35.txt
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2003-0188?
CVE-2003-0188 is a vulnerability with a CVSS score of 7.2 (HIGH). lv reads a .lv file from the current working directory, which allows local users to execute arbitrary commands as other lv users by placing malicious .lv files into other directories.
How severe is CVE-2003-0188?
CVE-2003-0188 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-0188?
Check the references section above for vendor advisories and patch information. Affected products include: Lv Lv, Redhat Lv, Redhat Linux.