CVE-2010-4833
Published: 6 September 2011
Untrusted search path vulnerability in modules/engines/ms-windows/xp_theme.c in GTK+ before 2.24.0 allows local users to gain privileges via a Trojan horse uxtheme.dll file in the current working directory, a different vulnerability than CVE-2010-4831.
Notes
Author | Note |
---|---|
jdstrand | Windows only |
Priority
Status
Package | Release | Status |
---|---|---|
gtk+2.0 Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Ignored
|
|
maverick |
Ignored
|
|
natty |
Ignored
|
|
upstream |
Needs triage
|
|
Patches: other: http://git.gnome.org/browse/gtk+/commit/modules/engines/ms-windows/xp_theme.c?h=gtk-2-24&id=d6e11a97e318158f5d210a0476870dfe14ed95e6 |