Oval Definition:	oval:org.opensuse.security:def:20084865
Revision Date: 2022-06-30 Version: 1 Title: CVE-2008-4865 Description: Untrusted search path vulnerability in valgrind before 3.4.0 allows local users to execute arbitrary programs via a Trojan horse .valgrindrc file in the current working directory, as demonstrated using a malicious --db-command options. NOTE: the severity of this issue has been disputed, but CVE is including this issue because execution of a program from an untrusted directory is a common scenario. Family: unix Class: vulnerability Status: Reference(s): CVE-2008-4865 Mitre CVE-2008-4865 SUSE CVE-2008-4865 SUSE-SR:2009:002 SUSE-SR:2009:002 Platform(s): Novell Linux Desktop 9 SDK for x86 Novell Linux Desktop 9 SDK for x86_64 openSUSE 10.3 openSUSE 11.0 openSUSE Tumbleweed SLES SDK 9 for x86 SLES SDK 9 for X86-64 SUSE Linux Enterprise SDK 10 SP2 SUSE Linux Enterprise Software Development Kit 11 SP4 Product(s): Definition Synopsis sles10-sp2-sdk is installed AND valgrind less than 3.3.0-15.5 Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND Package Information valgrind-3.8.1-0.5 is installed OR valgrind-devel-3.8.1-0.5 is installed Definition Synopsis openSUSE Tumbleweed is installed AND Package Information valgrind-3.17.0-2.3 is installed OR valgrind-32bit-3.17.0-2.3 is installed OR valgrind-devel-3.17.0-2.3 is installed
BACK