Common Vulnerabilities and Exposures assigned an identifier CVE-2010-3996 to the following vulnerability: Name: CVE-2010-3996 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3996 Assigned: 20101019 Reference: MLIST:[opensuse-updates] 20101022 openSUSE-SU-2010:0756-1 (moderate): festival security update Reference: URL: http://lists.opensuse.org/opensuse-updates/2010-10/msg00028.html Reference: CONFIRM: https://bugzilla.novell.com/show_bug.cgi?id=642507 Reference: BID:44395 Reference: URL: http://www.securityfocus.com/bid/44395 festival_server in Centre for Speech Technology Research (CSTR) Festival, probably 2.0.95-beta and earlier, places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
This issue does not affect the version of festival as provided with Red Hat Enterprise Linux 3, 4, or 5. It also does not affect any version of festival as provided with Fedora (none of the festival_server scripts manipulate LD_LIBRARY_PATH at all). Perhaps this is a 2.x "feature".
Statement: Not vulnerable. This issue did not affect the versions of festival as shipped with Red Hat Enterprise Linux 3, 4, or 5.