Vulnerability in Gnome Gtk

CVE-2010-4831

Untrusted search path vulnerability in gdk/win32/gdkinput-win32.c in GTK+ before 2.21.8 allows local users to gain privileges via a Trojan horse Wintab32.dll file in the current working directory.

EPSS: 0.001 (30.8th percentile) — read the EPSS interpretation.

Affected products

Gnome Gtk
N/a — versions n/a

Weakness classification (CWE)

CWE-426 — Untrusted Search Path

References

49449 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)
vultures@jpcert.or.jp (x_refsource_CONFIRM, Patch)
JVN#58019849 (x_refsource_JVN, Third Party Advisory, VDB Entry, third-party-advisory)
vultures@jpcert.or.jp (x_refsource_CONFIRM, Patch)
45815 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
JVNDB-2011-000072 (x_refsource_JVNDB, Third Party Advisory, VDB Entry, third-party-advisory)