Csound 'PySys_SetArgv' Remote Command Execution Vulnerability BugTraq ID: 33446 Remote: Yes Last Updated: 2009-01-28 Relevant URL: http://www.securityfocus.com/bid/33446 Summary: Csound is prone to a remote command-execution vulnerability. An attacker could exploit this issue by enticing an unsuspecting victim to execute the vulnerable application in a directory containing a malicious Python file. A successful exploit will allow arbitrary Python commands to run with the privileges of the currently logged-in user. -- May the LORD God bless you exceedingly abundantly! Dave Craig - - - - - - - - - - - - - - - - - - - - "'So the universe is not quite as you thought it was. You'd better rearrange your beliefs, then. Because you certainly can't rearrange the universe.'" --from _Nightfall_ by Asimov/Silverberg