VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
epss	0.04991	https://api.first.org/data/v1/epss?cve=CVE-2010-3847
epss	0.04991	https://api.first.org/data/v1/epss?cve=CVE-2010-3847
epss	0.04991	https://api.first.org/data/v1/epss?cve=CVE-2010-3847
epss	0.04991	https://api.first.org/data/v1/epss?cve=CVE-2010-3847
epss	0.04991	https://api.first.org/data/v1/epss?cve=CVE-2010-3847
epss	0.04991	https://api.first.org/data/v1/epss?cve=CVE-2010-3847
epss	0.05524	https://api.first.org/data/v1/epss?cve=CVE-2010-3847
epss	0.05524	https://api.first.org/data/v1/epss?cve=CVE-2010-3847
epss	0.05524	https://api.first.org/data/v1/epss?cve=CVE-2010-3847
epss	0.05524	https://api.first.org/data/v1/epss?cve=CVE-2010-3847
epss	0.05524	https://api.first.org/data/v1/epss?cve=CVE-2010-3847
epss	0.05524	https://api.first.org/data/v1/epss?cve=CVE-2010-3847
epss	0.05524	https://api.first.org/data/v1/epss?cve=CVE-2010-3847
epss	0.05524	https://api.first.org/data/v1/epss?cve=CVE-2010-3847
epss	0.05524	https://api.first.org/data/v1/epss?cve=CVE-2010-3847
epss	0.05524	https://api.first.org/data/v1/epss?cve=CVE-2010-3847
epss	0.05524	https://api.first.org/data/v1/epss?cve=CVE-2010-3847
epss	0.07574	https://api.first.org/data/v1/epss?cve=CVE-2010-3847
epss	0.07574	https://api.first.org/data/v1/epss?cve=CVE-2010-3847
epss	0.07574	https://api.first.org/data/v1/epss?cve=CVE-2010-3847
epss	0.07574	https://api.first.org/data/v1/epss?cve=CVE-2010-3847
epss	0.07574	https://api.first.org/data/v1/epss?cve=CVE-2010-3847

System

Score

Found at

epss

0.04991

https://api.first.org/data/v1/epss?cve=CVE-2010-3847

epss

0.04991

https://api.first.org/data/v1/epss?cve=CVE-2010-3847

epss

0.04991

https://api.first.org/data/v1/epss?cve=CVE-2010-3847

epss

0.04991

https://api.first.org/data/v1/epss?cve=CVE-2010-3847

epss

0.04991

https://api.first.org/data/v1/epss?cve=CVE-2010-3847

epss

0.04991

https://api.first.org/data/v1/epss?cve=CVE-2010-3847

epss

0.05524

https://api.first.org/data/v1/epss?cve=CVE-2010-3847

epss

0.05524

https://api.first.org/data/v1/epss?cve=CVE-2010-3847

epss

0.05524

https://api.first.org/data/v1/epss?cve=CVE-2010-3847

epss

0.05524

https://api.first.org/data/v1/epss?cve=CVE-2010-3847

epss

0.05524

https://api.first.org/data/v1/epss?cve=CVE-2010-3847

epss

0.05524

https://api.first.org/data/v1/epss?cve=CVE-2010-3847

epss

0.05524

https://api.first.org/data/v1/epss?cve=CVE-2010-3847

epss

0.05524

https://api.first.org/data/v1/epss?cve=CVE-2010-3847

epss

0.05524

https://api.first.org/data/v1/epss?cve=CVE-2010-3847

epss

0.05524

https://api.first.org/data/v1/epss?cve=CVE-2010-3847

epss

0.05524

https://api.first.org/data/v1/epss?cve=CVE-2010-3847

epss

0.07574

https://api.first.org/data/v1/epss?cve=CVE-2010-3847

epss

0.07574

https://api.first.org/data/v1/epss?cve=CVE-2010-3847

epss

0.07574

https://api.first.org/data/v1/epss?cve=CVE-2010-3847

epss

0.07574

https://api.first.org/data/v1/epss?cve=CVE-2010-3847

epss

0.07574

https://api.first.org/data/v1/epss?cve=CVE-2010-3847

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3847.json
		https://api.first.org/data/v1/epss?cve=CVE-2010-3847
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3847
600667		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=600667
643306		https://bugzilla.redhat.com/show_bug.cgi?id=643306
CVE-2010-3847	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/44024.rb
CVE-2010-3847	Exploit	https://raw.githubusercontent.com/rapid7/metasploit-framework/add7ae8fa18f689ff7e41057bc5bd51fdc8eaa5e/modules/exploits/linux/local/glibc_origin_expansion_priv_esc.rb
CVE-2010-3856;CVE-2010-3847	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/44025.rb
CVE-2010-3856;CVE-2010-3847	Exploit	https://raw.githubusercontent.com/rapid7/metasploit-framework/cb1b59545b1378be9e781787b028fee03d734f58/modules/exploits/linux/local/glibc_ld_audit_dso_load_priv_esc.rb
CVE-2010-3856;OSVDB-68920;CVE-2010-3847	Exploit	http://marc.info/?l=full-disclosure&m=128776663124692&w=2
CVE-2010-3856;OSVDB-68920;CVE-2010-3847	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/15304.txt
CVE-2011-0536;OSVDB-68721;CVE-2010-3847	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/15274.txt
RHSA-2010:0787		https://access.redhat.com/errata/RHSA-2010:0787
RHSA-2010:0872		https://access.redhat.com/errata/RHSA-2010:0872
USN-1009-1		https://usn.ubuntu.com/1009-1/

Reference id

Reference type

URL

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3847.json

https://api.first.org/data/v1/epss?cve=CVE-2010-3847

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3847

600667

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=600667

643306

https://bugzilla.redhat.com/show_bug.cgi?id=643306

CVE-2010-3847

Exploit

https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/44024.rb

CVE-2010-3847

Exploit

https://raw.githubusercontent.com/rapid7/metasploit-framework/add7ae8fa18f689ff7e41057bc5bd51fdc8eaa5e/modules/exploits/linux/local/glibc_origin_expansion_priv_esc.rb

CVE-2010-3856;CVE-2010-3847

Exploit

https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/44025.rb

CVE-2010-3856;CVE-2010-3847

Exploit

https://raw.githubusercontent.com/rapid7/metasploit-framework/cb1b59545b1378be9e781787b028fee03d734f58/modules/exploits/linux/local/glibc_ld_audit_dso_load_priv_esc.rb

CVE-2010-3856;OSVDB-68920;CVE-2010-3847

Exploit

http://marc.info/?l=full-disclosure&m=128776663124692&w=2

CVE-2010-3856;OSVDB-68920;CVE-2010-3847

Exploit

https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/15304.txt

CVE-2011-0536;OSVDB-68721;CVE-2010-3847

Exploit

https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/15274.txt

RHSA-2010:0787

https://access.redhat.com/errata/RHSA-2010:0787

RHSA-2010:0872

https://access.redhat.com/errata/RHSA-2010:0872

USN-1009-1

https://usn.ubuntu.com/1009-1/

Data source	Metasploit
Description	This module attempts to gain root privileges on Linux systems by abusing a vulnerability in the GNU C Library (glibc) dynamic linker. glibc `ld.so` versions before 2.11.3, and 2.12.x before 2.12.2 does not properly restrict use of the `LD_AUDIT` environment variable when loading setuid executables which allows control over the `$ORIGIN` library search path resulting in execution of arbitrary shared objects. This module opens a file descriptor to the specified suid executable via a hard link, then replaces the hard link with a shared object before instructing the linker to execute the file descriptor, resulting in arbitrary code execution. The specified setuid binary must be readable and located on the same file system partition as the specified writable directory. This module has been tested successfully on: glibc 2.5 on CentOS 5.4 (x86_64); glibc 2.5 on CentOS 5.5 (x86_64); glibc 2.12 on Fedora 13 (i386); and glibc 2.5-49 on RHEL 5.5 (x86_64). Some versions of `ld.so`, such as the version shipped with Ubuntu 14, hit a failed assertion in `dl_open_worker` causing exploitation to fail.
Note	Stability: - crash-safe Reliability: - repeatable-session SideEffects: - artifacts-on-disk
Ransomware campaign use	Unknown
Source publication date	Oct. 18, 2010
Platform	Linux
Source URL	https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/linux/local/glibc_origin_expansion_priv_esc.rb

Metasploit

This module attempts to gain root privileges on Linux systems by abusing a vulnerability in the GNU C Library (glibc) dynamic linker. glibc `ld.so` versions before 2.11.3, and 2.12.x before 2.12.2 does not properly restrict use of the `LD_AUDIT` environment variable when loading setuid executables which allows control over the `$ORIGIN` library search path resulting in execution of arbitrary shared objects. This module opens a file descriptor to the specified suid executable via a hard link, then replaces the hard link with a shared object before instructing the linker to execute the file descriptor, resulting in arbitrary code execution. The specified setuid binary must be readable and located on the same file system partition as the specified writable directory. This module has been tested successfully on: glibc 2.5 on CentOS 5.4 (x86_64); glibc 2.5 on CentOS 5.5 (x86_64); glibc 2.12 on Fedora 13 (i386); and glibc 2.5-49 on RHEL 5.5 (x86_64). Some versions of `ld.so`, such as the version shipped with Ubuntu 14, hit a failed assertion in `dl_open_worker` causing exploitation to fail.

Stability:
  - crash-safe
Reliability:
  - repeatable-session
SideEffects:
  - artifacts-on-disk

Unknown

Oct. 18, 2010

Linux

https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/linux/local/glibc_origin_expansion_priv_esc.rb

Data source	Exploit-DB
Date added	Oct. 18, 2010
Description	GNU C library dynamic linker - '$ORIGIN' Expansion
Ransomware campaign use	Known
Source publication date	Oct. 18, 2010
Exploit type	local
Platform	linux
Source update date	Oct. 18, 2010

Exploit-DB

Oct. 18, 2010

GNU C library dynamic linker - '$ORIGIN' Expansion

Known

Oct. 18, 2010

local

linux

Oct. 18, 2010

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T08:38:32.956904+00:00	Ubuntu USN Importer	Import	https://usn.ubuntu.com/1009-1/	37.0.0

2025-07-31T08:38:32.956904+00:00

Ubuntu USN Importer

Import

https://usn.ubuntu.com/1009-1/

37.0.0

Vulnerability ID	VCID-4z15-dcf9-s7cq
Aliases	CVE-2010-3847
Summary
Status	Published
Exploitability	2.0
Weighted Severity	0.1
Risk	0.2
Affected and Fixed Packages	Package Details

Percentile	0.89299
EPSS Score	0.04991
Published At	Sept. 12, 2025, 12:55 p.m.