Computer Security
[EN] securityvulns.ru no-pyccku


PulseAudio race conditions
Published:18.07.2009
Source:
SecurityVulns ID:10079
Type:local
Threat Level:
6/10
Description:Race condition on temporary files creation allow symlink attack.
Affected:PULSEAUDIO : PulseAudio 0.9
CVE:CVE-2009-1894 (Race condition in PulseAudio 0.9.9, 0.9.10, and 0.9.14 allows local users to gain privileges via vectors involving creation of a hard link, related to the application setting LD_BIND_NOW to 1, and then calling execv on the target of the /proc/self/exe symlink.)
Original documentdocumentAkita Software Security, PulseAudio local race condition privilege escalation vulnerability (18.07.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod