CVE-2008-2366

Untrusted search path vulnerability in a certain Red Hat build script for OpenOffice.org (OOo) 1.1.x on Red Hat Enterprise Linux (RHEL) 3 and 4 allows local users to gain privileges via a malicious library in the current working directory, related to incorrect quoting of the ORIGIN symbol for use in the RPATH library path.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.4 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:P/I:P/A:P
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 22%
VendorProductVersion
openofficeopenoffice
1.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/30633
http://securitytracker.com/id?1020278
http://www.redhat.com/support/errata/RHSA-2008-0538.html
http://www.securityfocus.com/bid/29695
https://bugzilla.redhat.com/show_bug.cgi?id=450532
https://exchange.xforce.ibmcloud.com/vulnerabilities/43322
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11361
http://secunia.com/advisories/30633
http://securitytracker.com/id?1020278
http://www.redhat.com/support/errata/RHSA-2008-0538.html
http://www.securityfocus.com/bid/29695
https://bugzilla.redhat.com/show_bug.cgi?id=450532
https://exchange.xforce.ibmcloud.com/vulnerabilities/43322
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11361