1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
Candidate: CVE-2010-3996
PublicDate: 2010-11-05
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3996
Description:
festival_server in Centre for Speech Technology Research (CSTR) Festival,
probably 2.0.95-beta and earlier, places a zero-length directory name in
the LD_LIBRARY_PATH, which allows local users to gain privileges via a
Trojan horse shared library in the current working directory.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
Patches_a:
upstream_festival: needs-triage
dapper_festival: ignored (reached end-of-life)
hardy_festival: ignored (reached end-of-life)
karmic_festival: ignored (reached end-of-life)
lucid_festival: ignored (reached end-of-life)
maverick_festival: ignored (reached end-of-life)
natty_festival: ignored (reached end-of-life)
oneiric_festival: ignored (reached end-of-life)
precise_festival: ignored (reached end-of-life)
precise/esm_festival: DNE (precise was needs-triage)
quantal_festival: ignored (reached end-of-life)
raring_festival: ignored (reached end-of-life)
saucy_festival: ignored (reached end-of-life)
trusty_festival: needs-triage
utopic_festival: ignored (reached end-of-life)
vivid_festival: ignored (reached end-of-life)
vivid/stable-phone-overlay_festival: DNE
vivid/ubuntu-core_festival: DNE
wily_festival: ignored (reached end-of-life)
xenial_festival: needs-triage
yakkety_festival: ignored (reached end-of-life)
zesty_festival: needs-triage
devel_festival: needs-triage
|