MEDIUM🇬🇧 English

CVE-2010-3354

CVSS 6.9v2.0pub. 2010-10-20upd. 2026-04-29

dropboxd in Dropbox 0.7.110 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

oryginał EN
CVSS Vector
AV:L/AC:M/Au:N/C:C/I:C/A:C
  • Dropbox

    APP
    Dropbox
    0.7.110
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2019-12171HIGH7.8ten sam produkt

Dropbox.exe (and QtWebEngineProcess.exe in the Web Helper) in the Dropbox desktop application 71.4.108.0 store...

CVE-2018-12271MEDIUM6.4ten sam produkt

An issue was discovered in the com.getdropbox.Dropbox app 100.2 for iOS. The LAContext class for Biometric (To...

CVE-2018-12445LOW3.1ten sam produkt

An issue was discovered in the com.dropbox.android application 98.2.2 for Android. The FingerprintManager clas...

CVE-2018-12446LOW3.6ten sam produkt

An issue was discovered in the com.dropbox.android application 98.2.2 for Android. The Passcode feature allows...

CVE-2024-25718CRITICAL9.8PL ✓ten sam vendor

Samly (Elixir): wygasłe sesje SAML nie są unieważniane — błąd kontroli dostępu