Launchpad.net

CVE 2008-5986

Untrusted search path vulnerability in the (1) "VST plugin with Python scripting" and (2) "VST plugin for writing score generators in Python" in Csound 5.08.2, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).

Related bugs and status

CVE-2008-5986 (Candidate) is related to these bugs:

Bug #322196: Untrusted search path vulnerability in Python and multiple other programs

		In	Importance	Status
322196	Untrusted search path vulnerability in Python and multiple other programs	python2.5 (Ubuntu)	Low	Invalid
322196	Untrusted search path vulnerability in Python and multiple other programs	python2.4 (Ubuntu)	Low	Invalid
322196	Untrusted search path vulnerability in Python and multiple other programs	dia (Ubuntu)	Low	Fix Released
322196	Untrusted search path vulnerability in Python and multiple other programs	epiphany (Ubuntu)	Undecided	Invalid
322196	Untrusted search path vulnerability in Python and multiple other programs	csound (Ubuntu)	Low	Fix Released
322196	Untrusted search path vulnerability in Python and multiple other programs	eog (Ubuntu)	Low	Fix Released
322196	Untrusted search path vulnerability in Python and multiple other programs	gedit (Ubuntu)	Low	Fix Released
322196	Untrusted search path vulnerability in Python and multiple other programs	xchat (Ubuntu)	Low	Fix Released
322196	Untrusted search path vulnerability in Python and multiple other programs	vim (Ubuntu)	Low	Fix Released
322196	Untrusted search path vulnerability in Python and multiple other programs	nautilus-python (Ubuntu)	Low	Fix Released
322196	Untrusted search path vulnerability in Python and multiple other programs	gnumeric (Ubuntu)	Low	Fix Released
322196	Untrusted search path vulnerability in Python and multiple other programs	epiphany-browser (Ubuntu)	Low	Fix Released
322196	Untrusted search path vulnerability in Python and multiple other programs	python2.3 (Ubuntu)	Undecided	Won't Fix
322196	Untrusted search path vulnerability in Python and multiple other programs	gedit	Medium	Fix Released
322196	Untrusted search path vulnerability in Python and multiple other programs	python2.6 (Ubuntu)	Low	Fix Released
322196	Untrusted search path vulnerability in Python and multiple other programs	Python	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2008-5986

Related bugs and status

Related bugs

References