Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Untrusted search path vulnerability in estaskwrapper in IBM OmniFind Enterprise Edition before 9.1 allows local users to gain privileges via an ES_LIBRARY_PATH environment variable and a modified PATH environment variable, which is used during execution of the estasklight program, a different vulnerability than CVE-2010-3895.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM OmniFind estaskwrapper非信任搜索路径漏洞
Vulnerability Description
IBM OmniFind Enterprise Edition提供可靠的企业内部网,公共Web站点和信息提取应用。 IBM OmniFind Enterprise Edition 9.1版本中的estaskwrapper中存在非信任搜索路径漏洞。本地用户可以借助ES_LIBRARY_PATH环境变量和被修改过的PATH环境变量获取特权。该漏洞是在estasklight程序执行的过程中得到利用的。
CVSS Information
N/A
Vulnerability Type
N/A