Security Advisory

CVE-2009-1299

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2010-03-18 17:12:00
Last updated 2024-08-07 05:04:49
Assigner canonical
State PUBLISHED

Description

The pa_make_secure_dir function in core-util.c in PulseAudio 0.9.10 and 0.9.19 allows local users to change the ownership and permissions of arbitrary files via a symlink attack on a /tmp/.esd-##### temporary file.