CVE-2015-3409
EPSS 0.06%
Description
Untrusted search path vulnerability in Module::Signature before 0.75 allows local users to gain privileges via a Trojan horse module under the current working directory, as demonstrated by a Trojan horse Text::Diff module.
How to fix CVE-2015-3409
To remediate CVE-2015-3409, upgrade the affected package to a fixed version below.
- Debian/libmodule-signature-perl—upgrade to 0.78-1 or later
Is CVE-2015-3409 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 0.78-1