← CVECheck
HomeVulnerabilities

CVE-2000-1163 — MEDIUM severity vulnerability (ghostscript before 5.10-16 uses an empty LD_RUN_PATH environ)

ghostscript before 5.10-16 uses an empty LD_RUN_PATH environmental variable to find libraries in the current directory, which could allow local users to execute commands as other users by placing a Trojan horse library into a directory from which another user executes ghostscript.

CVE IDCVE-2000-1163
SeverityMEDIUM
CVSS score4.6
CVSS vectorAV:L/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2001-01-09
Last modified2026-04-16
Descriptionghostscript before 5.10-16 uses an empty LD_RUN_PATH environmental variable to find libraries in the current directory, which could allow local users to execute commands as other users by placing a Trojan horse library into a directory from which another user executes ghostscript.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →