Computer Security
[EN] securityvulns.ru no-pyccku


unicon-imc2 code execution
Published:02.07.2007
Source:
SecurityVulns ID:7881
Type:library
Threat Level:
5/10
Description:Unsafe environment variable usage.
Affected:UNICON : unicon 3.0
CVE:CVE-2007-2835 (Multiple stack-based buffer overflows in (1) CCE_pinyin.c and (2) xl_pinyin.c in ImmModules/cce/ in unicon-imc2 3.0.4, as used by zhcon and other applications, allow local users to gain privileges via a long HOME environment variable.)
Original documentdocumentDEBIAN, [Full-disclosure] [SECURITY] [DSA 1328-1] New unicon-imc2 packages fix buffer overflow (02.07.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod