Описание
Format string vulnerability in the raydium_log function in console.c in Raydium before SVN revision 310 allows local users to execute arbitrary code via format string specifiers in the format parameter, which are not properly handled in a call to raydium_console_line_add.
Format string vulnerability in the raydium_log function in console.c in Raydium before SVN revision 310 allows local users to execute arbitrary code via format string specifiers in the format parameter, which are not properly handled in a call to raydium_console_line_add.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-2409
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26514
- http://aluigi.altervista.org/adv/raydiumx-adv.txt
- http://raydium.org/svn.php
- http://secunia.com/advisories/20097
- http://securityreason.com/securityalert/900
- http://www.securityfocus.com/archive/1/433930/100/0/threaded
- http://www.securityfocus.com/bid/17986
- http://www.vupen.com/english/advisories/2006/1808
Связанные уязвимости
Format string vulnerability in the raydium_log function in console.c in Raydium before SVN revision 310 allows local users to execute arbitrary code via format string specifiers in the format parameter, which are not properly handled in a call to raydium_console_line_add.