The pa_make_secure_dir function in core-util.c in PulseAudio 0.9.10 and 0.9.19 allows local users to change the ownership and permissions of arbitrary files via a symlink attack on a /tmp/.esd-##### temporary file.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: canonical
Published: 2010-03-18T17:12:00
Updated: 2024-08-07T05:04:49.479Z
Reserved: 2009-04-15T00:00:00
Link: CVE-2009-1299
Vulnrichment
No data.
NVD
Status : Modified
Published: 2010-03-18T17:30:00.337
Modified: 2024-11-21T01:02:08.140
Link: CVE-2009-1299
Redhat