{
  "id": "CVE-2005-4443",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2005-12-21T02:03:00.000",
  "lastModified": "2008-09-05T20:56:54.143",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "Untrusted search path vulnerability in Gauche before 0.8.6-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "accessVector": "LOCAL",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "acInsufInfo": false,
        "obtainAllPrivilege": true,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:gauche:gauche:0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "118B2020-A741-47CC-B996-973EE052B0FA"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:gauche:gauche:0.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "099CF594-6D26-4475-9940-0822B8AA87A3"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:gauche:gauche:0.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C92AA609-E1A6-49FD-AED8-588D26A53994"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:gauche:gauche:0.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "892A222E-2923-40D4-B7E5-F60D43A86487"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:gauche:gauche:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "28006D0A-90A9-4B63-9145-5A0D1FB84B6C"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:gauche:gauche:0.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFE9C91E-D3FB-4112-BB80-6494E0EBACD3"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-07.xml",
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ]
    },
    {
      "url": "http://www.securityfocus.com/bid/15120",
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ]
    }
  ]
}