Описание
Synaesthesia 2.1 and earlier, and possibly other versions, when installed setuid root, does not drop privileges before processing configuration and mixer files, which allows local users to read arbitrary files.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.1 (включая)
cpe:2.3:a:synaesthesia:synaesthesia:*:*:*:*:*:*:*:*
EPSS
Процентиль: 14%
0.00047
Низкий
7.2 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
ubuntu
больше 20 лет назад
Synaesthesia 2.1 and earlier, and possibly other versions, when installed setuid root, does not drop privileges before processing configuration and mixer files, which allows local users to read arbitrary files.
debian
больше 20 лет назад
Synaesthesia 2.1 and earlier, and possibly other versions, when instal ...
github
больше 3 лет назад
Synaesthesia 2.1 and earlier, and possibly other versions, when installed setuid root, does not drop privileges before processing configuration and mixer files, which allows local users to read arbitrary files.
EPSS
Процентиль: 14%
0.00047
Низкий
7.2 High
CVSS2
Дефекты
NVD-CWE-Other