- Home
- CVEs with oval.description==The+command+matching+functionality+in+sudo+1.6.8+through+1.7.2p5+does+not+properly+handle+when+a+file+in+the+current+working+directory+has+the+same+name+as+a+pseudo-command+in+the+sudoers+file+and+the+PATH+contains+an+entry+for+%22.%22%2C+which+allows+local+users+to+execute+arbitrary+commands+via+a+Trojan+horse+executable%2C+as+demonstrated+using+sudoedit%2C+a+different+vulnerability+than+CVE-2010-0426.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top