openSUSE 10 Security Update : tomboy (tomboy-4698)
Medium Nessus Plugin ID 28287
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThe tomboy mediaplayer used LD_LIBRARY_PATH unsafely by allowing empty LD_LIBRARY_PATH components.
This would enable the player to load its shared libraries of the current directory which might contain user-supplied shared libraries, potentially supplied from the network by an attacker. (CVE-2005-4790)
SolutionUpdate the affected tomboy package.