Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2006-5327

Untrusted search path vulnerability in OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earlier and possibly other products, allows local users to execute arbitrary code via a modified PATH that references a malicious gzip program, which is executed by gnutar with certain TAR_OPTIONS environment variable settings, when gnutar is invoked by OpenBase.

Published

2006-10-17T21:07:00.000

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 7.2 (HIGH)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

3.9

Impact Score

10.0

Weaknesses

Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	apple	xcode	≤ 2.2	Yes
Application	openbase_international_ltd	openbase	≤ 10.0	Yes
Application	openbase_international_ltd	openbase	7.0.15	Yes
Application	openbase_international_ltd	openbase	8.0.4	Yes
Application	openbase_international_ltd	openbase	9.1.5	Yes

References

http://lists.apple.com/archives/security-announce/2007/Oct/msg00001.html ([email protected])
http://secunia.com/advisories/22390 Patch, Vendor Advisory ([email protected])
http://secunia.com/advisories/22474 Patch, Vendor Advisory ([email protected])
http://secunia.com/advisories/27441 ([email protected])
http://www.digitalmunition.com/DMA%5B2006-1016a%5D.txt ([email protected])
http://www.digitalmunition.com/Xcode_OpenBase_pwn.pl ([email protected])
http://www.securityfocus.com/bid/20562 Exploit ([email protected])
http://www.securitytracker.com/id?1018872 ([email protected])
http://www.vupen.com/english/advisories/2006/4058 ([email protected])
http://www.vupen.com/english/advisories/2006/4059 ([email protected])
http://www.vupen.com/english/advisories/2007/3665 ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/29624 ([email protected])
http://lists.apple.com/archives/security-announce/2007/Oct/msg00001.html (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22390 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22474 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/27441 (af854a3a-2127-422b-91ae-364da2661108)
http://www.digitalmunition.com/DMA%5B2006-1016a%5D.txt (af854a3a-2127-422b-91ae-364da2661108)
http://www.digitalmunition.com/Xcode_OpenBase_pwn.pl (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/20562 Exploit (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1018872 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2006/4058 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2006/4059 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2007/3665 (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/29624 (af854a3a-2127-422b-91ae-364da2661108)