7.2
CVE-2006-5327
- EPSS 0.17%
- Published 17.10.2006 21:07:00
- Last modified 09.04.2025 00:30:58
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
Untrusted search path vulnerability in OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earlier and possibly other products, allows local users to execute arbitrary code via a modified PATH that references a malicious gzip program, which is executed by gnutar with certain TAR_OPTIONS environment variable settings, when gnutar is invoked by OpenBase.
Data is provided by the National Vulnerability Database (NVD)
Openbase International Ltd ≫ Openbase Editionmac_os_x Version <= 10.0
Openbase International Ltd ≫ Openbase Version7.0.15 Editionmac_os_x
Openbase International Ltd ≫ Openbase Version8.0.4 Editionmac_os_x
Openbase International Ltd ≫ Openbase Version9.1.5 Editionmac_os_x
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.17% | 0.389 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|