lv reads a .lv file from the current working directory, which allows local users to execute arbitrary commands as other lv users by placing malicious .lv files into other directories.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lv | lv | 4.49.4 |
| redhat | linux | 7.2 |
| lv | lv | 4.49.2 |
| lv | lv | 4.49.1 |
| redhat | lv | 4.49.4-9 |
| redhat | linux | 7.1 |
| redhat | lv | 4.49.4-1 |
| redhat | lv | 4.49.4-7 |
| redhat | linux | 7.3 |
| lv | lv | 4.49.3 |
| redhat | linux | 9.0 |
| redhat | linux | 8.0 |
| redhat | lv | 4.49.4-3 |