[LAU] Csound Security Notice

David L. Craig dlc at radix.net
Fri Jan 30 08:05:30 EST 2009

Previous message: [LAU] Usb driver debug
Next message: [LAU] Tranzport + Ardour2 ?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Csound 'PySys_SetArgv' Remote Command Execution Vulnerability
BugTraq ID: 33446
Remote: Yes
Last Updated: 2009-01-28
Relevant URL: http://www.securityfocus.com/bid/33446
Summary:
Csound is prone to a remote command-execution vulnerability.

An attacker could exploit this issue by enticing an unsuspecting
victim to execute the vulnerable application in a directory
containing a malicious Python file. A successful exploit will
allow arbitrary Python commands to run with the privileges of
the currently logged-in user.

-- 

May the LORD God bless you exceedingly abundantly!

Dave Craig

-  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -
"'So the universe is not quite as you thought it was.
 You'd better rearrange your beliefs, then.
 Because you certainly can't rearrange the universe.'"

--from _Nightfall_  by Asimov/Silverberg

Previous message: [LAU] Usb driver debug
Next message: [LAU] Tranzport + Ardour2 ?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Linux-audio-user mailing list