Bugsalert.com
Security News about Viruses, Spyware,
Trojans, Malware, XSS attacks.
Home | Sitemap

CVE-2008-0008 (PulseAudio)
BugsAlert Home > CVE-2008-0008 (PulseAudio)
 
 

PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, (3) setuid, and (4) seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail via attacks such as resource exhaustion.




Original Source: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0008

Learn more about CVE-2008-0008 (PulseAudio)
 
Tags: cve-2008-0008 pulseaudio

Related Items
      HTML_CLICKER.AIB

      CVE-2008-3761 (VMWare Workstation)

      FrSIRT - Gentoo Security Update Fixes PDFLib Code Execution Vulnerabilities

      Op "XAUTHORITY" Buffer Overflow Vulnerability

      FrSIRT - Fedora Security Update Fixes Tomcat Information Disclosure Issues

      HTML_DLOADER.FOG

      419 Scammers Admit to Mail Fraud

 
© 2007-2008 BugsAlert.com Original template by Arcsin Hosted By 1and1


Pixel