CVE-2011-4355
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2011-4355
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2011-4355.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2011-4355
- Downstream
- Published
- 2013-03-05T21:38:53Z
- Modified
- 2025-08-09T19:01:28Z
- Summary
- [none]
- Details
-
GNU Project Debugger (GDB) before 7.5, when .debuggdbscripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts.
- References
-
- http://rhn.redhat.com/errata/RHSA-2013-0522.html
- http://sourceware.org/cgi-bin/cvsweb.cgi/~checkout~/src/gdb/NEWS?content-type=text/x-cvsweb-markup&cvsroot=src
- http://sourceware.org/ml/gdb-patches/2011-04/msg00559.html
- http://sourceware.org/ml/gdb-patches/2011-05/msg00202.html
- http://www.securitytracker.com/id/1028191