Vulnerability Description
Untrusted search path vulnerability in hsolinkcontrol in hsolink 1.0.118 allows local users to gain privileges via a modified PATH environment variable, which is used during execution of the (1) route, (2) mv, and (3) cp programs, a different vulnerability than CVE-2010-1671.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Pharscape | Hsolink | 1.0.118 |
Related Weaknesses (CWE)
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590670
- http://ftp.de.debian.org/debian/pool/main/h/hsolink/hsolink_1.0.118.orig.tar.gz
- http://osvdb.org/66837
- https://exchange.xforce.ibmcloud.com/vulnerabilities/60877
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590670
- http://ftp.de.debian.org/debian/pool/main/h/hsolink/hsolink_1.0.118.orig.tar.gz
- http://osvdb.org/66837
- https://exchange.xforce.ibmcloud.com/vulnerabilities/60877
FAQ
What is CVE-2010-2929?
CVE-2010-2929 is a vulnerability with a CVSS score of 7.2 (HIGH). Untrusted search path vulnerability in hsolinkcontrol in hsolink 1.0.118 allows local users to gain privileges via a modified PATH environment variable, which is used during execution of the (1) route...
How severe is CVE-2010-2929?
CVE-2010-2929 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-2929?
Check the references section above for vendor advisories and patch information. Affected products include: Pharscape Hsolink.