CVE-2010-3385 (NVD)

2010-10-20

TuxGuitar 1.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

Products Tuxguitar
Type ? (NVD-CWE-Other)
First patch - None (likely due to unavailable code)
Links http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598307