Aladdin Ghostscript Arbitrary Shared Library Usage Vulnerability

A vulnerability occurs in certain versions of Aladdin Ghostscript, a multiplatform PostScript interpreter.

Improper use of the LD_RUN_PATH environment variable can cause the program to load shared libraries found in the current directory.

An attacker with a malicious shared library could exploit this to execute hostile code on the affected host, potentially elevating their privileges.


 

Privacy Statement
Copyright 2010, SecurityFocus