audacity
Page content
- Vulnerable: 1.3.3-2
- Unaffected: 1.3.5-1kalgan1
Viktor Griph has reported a security issue in Audacity, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to delete arbitrary files and directories. The security issue is caused due to the “AudacityApp::OnInit()” method in src/AudacityApp.cpp handling temporary files in an insecure manner. This can be exploited to delete arbitrary files and directories via symlink attacks, or to cause a deadlock.
- Bug Tracker URL: http://bugs.frugalware.org/task/3080