CVE-2008-5987

Eye of GNOME - Untrusted Search Path Vulnerability via Python Interface

Title source: llm
STIX 2.1

Description

Untrusted search path vulnerability in the Python interface in Eye of GNOME (eog) 2.22.3, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).

References (5)

Core 5
Core References
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2009/01/26/2
Issue Tracking x_refsource_confirm
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504352
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/33443
Third Party Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200904-06.xml
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=481553

Scores

EPSS 0.0006
EPSS Percentile 18.7%

Details

Status published
Products (1)
gnome/eog 2.22.3
Published Jan 28, 2009
Tracked Since Feb 18, 2026