{"id":"UBUNTU-CVE-2011-4355","details":"GNU Project Debugger (GDB) before 7.5, when .debug_gdb_scripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts.","modified":"2025-07-16T08:10:31.980577Z","published":"2013-03-05T21:38:00Z","withdrawn":"2025-07-18T16:42:44Z","upstream":["CVE-2011-4355"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2011-4355"},{"type":"REPORT","url":"http://sourceware.org/ml/gdb-patches/2011-04/msg00559.html"},{"type":"REPORT","url":"http://sourceware.org/ml/gdb-patches/2011-05/msg00202.html"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2011-4355"}],"affected":[{"package":{"name":"gdb","ecosystem":"Ubuntu:14.04:LTS","purl":"pkg:deb/ubuntu/gdb@7.7-0ubuntu3.1?arch=source&distro=trusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.7-0ubuntu3.1"}]}],"versions":["7.6.1-0ubuntu3","7.6.1-1ubuntu1","7.6.50.20131218-0ubuntu1","7.7-0ubuntu1","7.7-0ubuntu2","7.7-0ubuntu3"],"ecosystem_specific":{"binaries":[{"binary_version":"7.7-0ubuntu3.1","binary_name":"gdb"},{"binary_version":"7.7-0ubuntu3.1","binary_name":"gdb-minimal"},{"binary_version":"7.7-0ubuntu3.1","binary_name":"gdb-multiarch"},{"binary_version":"7.7-0ubuntu3.1","binary_name":"gdb-source"},{"binary_version":"7.7-0ubuntu3.1","binary_name":"gdb64"},{"binary_version":"7.7-0ubuntu3.1","binary_name":"gdbserver"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2011/UBUNTU-CVE-2011-4355.json"}}],"schema_version":"1.7.3","severity":[{"type":"Ubuntu","score":"low"}]}