MidnightBSD

Advisories for banshee-project

CVE-2010-3998 MEDIUM

The (1) banshee-1 and (2) muinshee scripts in Banshee 1.8.0 and earlier place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: Banshee might also be affected using GST_PLUGIN_PATH.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
banshee-project banshee 1.5.4
banshee-project banshee 1.5.2
banshee-project banshee 1.7.6
banshee-project banshee 1.6.1
banshee-project banshee 1.0
banshee-project banshee 1.5.6
banshee-project banshee 1.2.1
banshee-project banshee 1.7.4
banshee-project banshee 1.2
banshee-project banshee 1.6.0
banshee-project banshee 1.4.2
banshee-project banshee 1.7.0
banshee-project banshee 1.7.1
banshee-project banshee 1.7.3
banshee-project banshee 1.4
banshee-project banshee 1.5.3
banshee-project banshee 1.5.5
banshee-project banshee 1.5.1
banshee-project banshee 1.7.2
banshee-project banshee 0.13.2
banshee-project banshee 1.5.0
banshee-project banshee 1.4.3
banshee-project banshee *
banshee-project banshee 1.7.5