CVE-2011-2922

2019-11-19T19:15:00
ID CVE-2011-2922
Type cve
Reporter cve@mitre.org
Modified 2019-11-21T15:28:00

Description

ktsuss versions 1.4 and prior spawns the GTK interface to run as root. This can allow a local attacker to escalate privileges to root and use the "GTK_MODULES" environment variable to possibly execute arbitrary code.