CVE-2009-0854

Untrusted search path vulnerability in dash 0.5.4, when used as a login shell, allows local users to execute arbitrary code via a Trojan horse .profile file in the current working directory.
Configurations

Configuration 1 (hide)

cpe:2.3:a:dash:dash:0.5.4:*:*:*:*:*:*:*

History

No history.

Information

Published : 2009-03-11 14:19

Updated : 2024-02-04 17:33


NVD link : CVE-2009-0854

Mitre link : CVE-2009-0854

CVE.ORG link : CVE-2009-0854


JSON object : View

Products Affected

dash

  • dash
CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')