CVE-2022-4883

HIGH Year: 2022
CVSS v3 Score
8.8
High
Weakness Type
CWE-426
View all →

Vulnerability Description

A flaw was found in libXpm. When processing files with .Z or .gz extensions, the library calls external programs to compress and uncompress files, relying on the PATH environment variable to find these programs, which could allow a malicious user to execute other programs by manipulating the PATH environment variable.

Related Vulnerabilities

CVE-2016-1417

HIGH
CVSS:8.8(High)

Untrusted search path vulnerability in Snort 2.9.7.0-WIN32 allows remote attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse tcapi.dll that is located in the same ...

CWE-4262016

CVE-2017-2149

HIGH
CVSS:8.8(High)

Untrusted search path vulnerability in installers of the software for SDHC/SDXC Memory Card with embedded NFC functionality Software Update Tool V1.00.03 and earlier, SDHC Memory Card with embedded wi...

CWE-4262017

CVE-2017-2177

HIGH
CVSS:8.8(High)

Untrusted search path vulnerability in Installer of Shogyo Touki Denshi Ninsho Software Ver 1.7 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

CWE-4262017

CVE-2017-2178

HIGH
CVSS:8.8(High)

Untrusted search path vulnerability in Installer of electronic tendering and bid opening system available prior to May 25, 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspe...

CWE-4262017

CVE-2017-2206

HIGH
CVSS:8.8(High)

Untrusted search path vulnerability in the installer of SaAT Netizen ver.1.2.10.510 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

CWE-4262017

CVE-2017-2207

HIGH
CVSS:8.8(High)

Untrusted search path vulnerability in the installer of SaAT Personal ver.1.0.10.272 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

CWE-4262017