VYPR
Unrated severityNVD Advisory· Published Oct 20, 2010· Updated Jun 16, 2026

CVE-2010-3378

CVE-2010-3378

Description

The (1) scilab, (2) scilab-cli, and (3) scilab-adv-cli scripts in Scilab 5.2.2 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

Affected products

2
  • Scilab/Scilab2 versions
    cpe:2.3:a:scilab:scilab:5.2.2:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:scilab:scilab:5.2.2:*:*:*:*:*:*:*
    • (no CPE)range: =5.2.2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.