Infodrom Oldenburg
— xpcd —
| 17.1.2005: CAN-2005-0074: Arbitrary code execution | xpcd | 2.08 |
|---|---|---|
| Erik Sjölund discovered a buffer overflow in pcdsvgaview, an SVGA PhotoCD viewer. xpcd-svga is part of xpcd and uses svgalib to display graphics on the Linux console for which root permissions are required. A malicious user could overflow a fixed-size buffer and may cause the program to execute arbitrary code with elevated privileges. | ||
| Download: Patch. | ||