CVE-2014-2095
Published Feb 26, 2014
Last updated 11 years ago
Overview
- Description
- Untrusted search path vulnerability in Catfish 0.6.0 through 1.0.0, when a Fedora package such as 0.8.2-1 is not used, allows local users to gain privileges via a Trojan horse bin/catfish.pyc under the current working directory.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.6
- Impact score
- 6.4
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Evaluator
- Comment
- Per: http://cwe.mitre.org/data/definitions/426.html "CWE-426: Untrusted Search Path"
- Impact
- -
- Solution
- -
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:catfish_project:catfish:0.6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A59D5A2D-28D1-4EFE-BA6B-3D5954A78A55"
},
{
"criteria": "cpe:2.3:a:catfish_project:catfish:0.6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C0E9B60A-A07A-4E89-B690-C9B54F2B7F8B"
},
{
"criteria": "cpe:2.3:a:catfish_project:catfish:0.6.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B972FF27-B156-419D-8033-C61C613C8AE9"
},
{
"criteria": "cpe:2.3:a:catfish_project:catfish:0.6.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8488972F-3BB8-4FE4-AE3E-0EFAB55ED490"
},
{
"criteria": "cpe:2.3:a:catfish_project:catfish:0.6.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "12645E1B-2624-488E-9E02-0B5F520C3B85"
},
{
"criteria": "cpe:2.3:a:catfish_project:catfish:0.8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "62051C89-8F1D-4E82-AF3E-0FB6259B0F18"
},
{
"criteria": "cpe:2.3:a:catfish_project:catfish:0.8.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4D681028-1742-4815-92C4-5DFDC152475F"
},
{
"criteria": "cpe:2.3:a:catfish_project:catfish:0.8.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B3AD28D9-5220-4250-8B79-35E88471B792"
},
{
"criteria": "cpe:2.3:a:catfish_project:catfish:1.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0C7ED3A9-6DCF-4469-9BB8-063B24E6F637"
}
],
"operator": "OR"
}
]
}
]