Code injection

2019-11-0903:15:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

alsa-utils 1.0.19 and later versions allows local users to overwrite arbitrary files via a symlink attack via the /usr/bin/alsa-info and /usr/bin/alsa-info.sh scripts.

CPENameOperatorVersion
alsage1.0.19
alsalt1.0.20

CPE	Name	Operator	Version
	alsa	ge	1.0.19
	alsa	lt	1.0.20

References

access.redhat.com/security/cve/cve-2009-0035

bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-0035

security-tracker.debian.org/tracker/CVE-2009-0035