gnc-test-env in GnuCash 2.3.15 and earlier places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050269.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050164.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050177.html
http://secunia.com/advisories/42048
http://secunia.com/advisories/42054
http://www.mandriva.com/security/advisories?name=MDVSA-2010:241
http://www.securityfocus.com/bid/44563
http://www.vupen.com/english/advisories/2010/2848
http://www.vupen.com/english/advisories/2010/2898
Source: MITRE
Published: 2010-11-05
Updated: 2010-12-10
Type: NVD-CWE-Other
Base Score: 6.9
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Impact Score: 10
Exploitability Score: 3.4
Severity: MEDIUM