CVE-2009-1299

2010-03-18T17:30:00
ID CVE-2009-1299
Type cve
Reporter cve@mitre.org
Modified 2010-06-29T23:04:00

Description

The pa_make_secure_dir function in core-util.c in PulseAudio 0.9.10 and 0.9.19 allows local users to change the ownership and permissions of arbitrary files via a symlink attack on a /tmp/.esd-##### temporary file.