Arbitrary Code Execution Vulnerability in Tcl/Tk Package (tcltk) 8.3.1

Arbitrary Code Execution Vulnerability in Tcl/Tk Package (tcltk) 8.3.1

CVE-2001-1375 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

tcl/tk package (tcltk) 8.3.1 searches for its libraries in the current working directory before other directories, which could allow local users to execute arbitrary code via a Trojan horse library that is under a user-controlled directory.

Learn more about our User Device Pen Test.