Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

ArchLinux GLSA-201202-04: Mozilla Firefox Denial of Service Issue

gentoo
Calendar Grey January 27, 2008
Dist Gentoo Esm H88
Dive into Gentoo GLSA 200801-14 which highlights a vulnerability in Blam that could lead to user-triggered code execution. Protect your system now.
Blam doesn't properly handle environment variables, potentially allowing a local attacker to execute arbitrary code.

Summary

Gentoo Linux Security Advisory GLSA 200801-14 https://security.gentoo.org/ Severity: Normal Title: Blam: User-assisted execution of arbitrary code Date: January 27, 2008 Bugs: #199841 ID: 200801-14

Synopsis ======= Blam doesn't properly handle environment variables, potentially allowing a local attacker to execute arbitrary code.
Background ========= Blam is an RSS and Atom feed reader for GNOME written in C#.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-news/blam < 1.8.4 >= 1.8.4
========== The "/usr/bin/blam" script sets the "LD_LIBRARY_PATH" environment variable incorrectly, which might result in the current working directory (.) being incl...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory gentoo code execution library search normal severity blam user-assisted issue

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory gentoo code execution library search normal severity blam user-assisted issue

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here