Csound 'PySys_SetArgv' Remote Command Execution Vulnerability
BugTraq ID: 33446
Remote: Yes
Last Updated: 2009-01-28
Relevant URL: http://www.securityfocus.com/bid/33446
Summary:
Csound is prone to a remote command-execution vulnerability.
An attacker could exploit this issue by enticing an unsuspecting
victim to execute the vulnerable application in a directory
containing a malicious Python file. A successful exploit will
allow arbitrary Python commands to run with the privileges of
the currently logged-in user.
-- May the LORD God bless you exceedingly abundantly! Dave Craig - - - - - - - - - - - - - - - - - - - - "'So the universe is not quite as you thought it was. You'd better rearrange your beliefs, then. Because you certainly can't rearrange the universe.'" --from _Nightfall_ by Asimov/Silverberg _______________________________________________ Linux-audio-user mailing list Linux-audio-user@email-addr-hidden http://lists.linuxaudio.org/mailman/listinfo/linux-audio-userReceived on Fri Jan 30 16:15:02 2009
This archive was generated by hypermail 2.1.8 : Fri Jan 30 2009 - 16:15:03 EET