CVE-2005-4595

Summary

CVE	CVE-2005-4595
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2005-12-31 05:00:00 UTC
Updated	2017-07-20 01:29:00 UTC
Description	Untrusted search path vulnerability (RPATH) in XnView 1.70 and NView 4.51 on Gentoo Linux allows local users to execute arbitrary code via a malicious library in the current working directory.

Risk And Classification

Problem Types: NVD-CWE-Other

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Gentoo	Nview	4.51	All	All	All
Application	Gentoo	Nview	4.51	All	All	All
Application	Gentoo	Xnview	1.70	All	All	All
Application	Gentoo	Xnview	1.70	All	All	All

References

Reference	Source	Link	Tags
Gentoo Bug 117063 - x11-misc/xnview: insecure rpath	MISC	bugs.gentoo.org
22094	OSVDB	www.osvdb.org
22093	OSVDB	www.osvdb.org
Secunia - Advisories - Gentoo update for xnview	SECUNIA	secunia.com	Vendor Advisory
Gentoo Linux Documentation -- XnView: Privilege escalation	GENTOO	www.gentoo.org	Patch
Gentoo Linux XnView Insecure RPATH Vulnerability	BID	www.securityfocus.com	Patch
IBM X-Force Exchange	XF	exchange.xforce.ibmcloud.com
Secunia - Advisories - XnView / NView Insecure RPATH Vulnerability	SECUNIA	secunia.com	Vendor Advisory
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.