Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The (1) scilab, (2) scilab-cli, and (3) scilab-adv-cli scripts in Scilab 5.2.2 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Scilab多个脚本LD_LIBRARY_PATH设计错误漏洞
Vulnerability Description
Scilab(Scientific Laboratory)是一个为工程和科学应用量身定做的强大计算环境,由一系列数值计算的科学软件包组成,由INRIA和ENPC的研究者开发的开放源码的科学计算自由软件。 Scilab 5.2.2版本中的(1)scilab,(2)scilab-cli以及(3)scilab-adv-cli脚本在LD_LIBRARY_PATH中放置了零长度的目录名称。本地用户可以借助在当前工作目录中的共享库文件的Trojan木马获得权限提升。
CVSS Information
N/A
Vulnerability Type
N/A