CVE-2009-0318

Medium

6.9/10

Summary

Untrusted search path vulnerability in the GObject Python interpreter wrapper in Gnumeric allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).

Access Complexity: MEDIUM
AccessVector: LOCAL
Authentication: NONE
Integrity Impact: COMPLETE
Confidentiality Impact: COMPLETE
Availability Impact: COMPLETE

References

Advisory Timeline

Published Jan 28, 2009

CVE-2009-0318

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS