Описание
Synaesthesia 2.1 and earlier, and possibly other versions, when installed setuid root, does not drop privileges before processing configuration and mixer files, which allows local users to read arbitrary files.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.1 (включая)
cpe:2.3:a:synaesthesia:synaesthesia:*:*:*:*:*:*:*:*
EPSS
Процентиль: 14%
0.00047
Низкий
7.2 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
ubuntu
почти 21 год назад
Synaesthesia 2.1 and earlier, and possibly other versions, when installed setuid root, does not drop privileges before processing configuration and mixer files, which allows local users to read arbitrary files.
debian
почти 21 год назад
Synaesthesia 2.1 and earlier, and possibly other versions, when instal ...
github
почти 4 года назад
Synaesthesia 2.1 and earlier, and possibly other versions, when installed setuid root, does not drop privileges before processing configuration and mixer files, which allows local users to read arbitrary files.
EPSS
Процентиль: 14%
0.00047
Низкий
7.2 High
CVSS2
Дефекты
NVD-CWE-Other