Joined: 12 May 2004
|Posted: Mon Mar 09, 2009 7:26 pm Post subject: [ GLSA 200903-16 ] Epiphany: Untrusted search path
|Gentoo Linux Security Advisory
Title: Epiphany: Untrusted search path (GLSA 200903-16)
Date: March 09, 2009
An untrusted search path vulnerability in Epiphany might result in the
execution of arbitrary code.
Epiphany is a GNOME webbrowser based on the Mozilla rendering engine
Vulnerable: < 2.22.3-r2
Unaffected: >= 2.22.3-r2
Architectures: All supported architectures
James Vega reported an untrusted search path vulnerability in the
A local attacker could entice a user to run Epiphany from a directory
containing a specially crafted python module, resulting in the
execution of arbitrary code with the privileges of the user running
Do not run "epiphany" from untrusted working directories.
All Epiphany users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/epiphany-2.22.3-r2"
Last edited by GLSA on Thu Aug 15, 2013 4:27 am; edited 2 times in total