CVE-2008-1132 — MEDIUM (4.7)

Vulnerability Description

Untrusted search path vulnerability in src/mainwindow.c in Net Activity Viewer 0.2.1 allows local users with Net Activity Viewer privileges to execute arbitrary code via a malicious gksu program, which is invoked during the Restart As Root action.

CVSS Score

4.7

MEDIUM

AV:L/AC:M/Au:N/C:N/I:C/A:N

Confidentiality

NONE

Integrity

COMPLETE

Availability

NONE

Affected Products

Vendor	Product	Versions
Net Activity Viewer	Net Activity Viewer	0.2.1

Related Weaknesses (CWE)

CWE-264

References

http://secunia.com/advisories/29097Vendor Advisory
http://sourceforge.net/project/shownotes.php?release_id=579181Patch
http://secunia.com/advisories/29097Vendor Advisory
http://sourceforge.net/project/shownotes.php?release_id=579181Patch

FAQ

What is CVE-2008-1132?

CVE-2008-1132 is a vulnerability with a CVSS score of 4.7 (MEDIUM). Untrusted search path vulnerability in src/mainwindow.c in Net Activity Viewer 0.2.1 allows local users with Net Activity Viewer privileges to execute arbitrary code via a malicious gksu program, whic...

How severe is CVE-2008-1132?

CVE-2008-1132 has been rated MEDIUM with a CVSS base score of 4.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2008-1132?

Check the references section above for vendor advisories and patch information. Affected products include: Net Activity Viewer Net Activity Viewer.