Candidate: CVE-2010-3998
PublicDate: 2010-11-06 00:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3998
Description:
 The (1) banshee-1 and (2) muinshee scripts in Banshee 1.8.0 and earlier
 place a zero-length directory name in the LD_LIBRARY_PATH, which allows
 local users to gain privileges via a Trojan horse shared library in the
 current working directory.  NOTE: Banshee might also be affected using
 GST_PLUGIN_PATH.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605095
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_banshee:
upstream_banshee: released (1.9.0, 2.0.0)
dapper_banshee: ignored (reached end-of-life)
hardy_banshee: ignored (reached end-of-life)
karmic_banshee: ignored (reached end-of-life)
lucid_banshee: ignored (reached end-of-life)
maverick_banshee: ignored (reached end-of-life)
natty_banshee: ignored (reached end-of-life)
oneiric_banshee: ignored (reached end-of-life)
precise_banshee: not-affected (2.4.0-2ubuntu1)
quantal_banshee: ignored (reached end-of-life)
raring_banshee: ignored (reached end-of-life)
saucy_banshee: ignored (reached end-of-life)
trusty_banshee: not-affected (2.4.0-2ubuntu1)
trusty/esm_banshee: DNE (trusty was not-affected [2.4.0-2ubuntu1])
devel_banshee: not-affected (2.4.0-2ubuntu1)