LWN.net Logo

elinks: code execution

Package(s):elinks CVE #(s):CVE-2007-2027
Created:May 7, 2007 Updated:October 30, 2009
Description: Arnaud Giersch discovered that elinks incorrectly attempted to load gettext catalogs from a relative path. If a user were tricked into running elinks from a specific directory, a local attacker could execute code with user privileges.
Alerts:
Red Hat RHSA-2009:1471-01 2009-10-01
CentOS CESA-2009:1471 2009-10-06
CentOS CESA-2009:1471 2009-10-30
Gentoo 200706-03 2007-06-06
Ubuntu USN-457-1 2007-05-07
Oracle ELSA-2013-0250 2013-02-11

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds