Vulnerability Database

290,206

Total vulnerabilities in the database

CVE-2010-4236

Untrusted search path vulnerability in estaskwrapper in IBM OmniFind Enterprise Edition before 9.1 allows local users to gain privileges via an ES_LIBRARY_PATH environment variable and a modified PATH environment variable, which is used during execution of the estasklight program, a different vulnerability than CVE-2010-3895.

  • Published: Nov 12, 2010
  • Updated: Apr 13, 2023
  • CVE: CVE-2010-4236
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.9
  • AV:L/AC:M/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Software From Fixed in
ibm / omnifind 8.0 8.0.x
ibm / omnifind 6.1 6.1.x
ibm / omnifind 8.5 8.5.x
ibm / omnifind 8.4 8.4.x
ibm / omnifind - 9.0.x