{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2008-5986","title":"Title"},{"category":"description","text":"Untrusted search path vulnerability in the (1) \"VST plugin with Python scripting\" and (2) \"VST plugin for writing score generators in Python\" in Csound 5.08.2, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2008-5986","url":"https://www.suse.com/security/cve/CVE-2008-5986"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 470095 for CVE-2008-5986","url":"https://bugzilla.suse.com/470095"}],"title":"SUSE CVE CVE-2008-5986","tracking":{"current_release_date":"2023-02-15T06:05:49Z","generator":{"date":"2023-02-15T06:05:49Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2008-5986","initial_release_date":"2023-02-15T06:05:49Z","revision_history":[{"date":"2023-02-15T06:05:49Z","number":"2","summary":"Current version"}],"status":"interim","version":"2"}}}