SUSE CVE-2008-0008

The padroproot function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from 1 setresuid, 2 setreuid, 3 setuid, and 4 seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail via attacks such as...

SUSE CVE-2009-0794

Integer overflow in the PulseAudioTargetDataL class in src/java/org/classpath/icedtea/pulseaudio/PulseAudioTargetDataLine.java in Pulse-Java, as used in OpenJDK 1.6.0.0 and other products, allows remote attackers to cause a denial of service applet crash via a crafted Pulse Audio source data line...

SUSE CVE-2009-1299

The pamakesecuredir function in core-util.c in PulseAudio 0.9.10 and 0.9.19 allows local users to change the ownership and permissions of arbitrary files via a symlink attack on a /tmp/.esd- temporary file...

Rust libpulse-binding crate资源管理错误漏洞

Rust libpulse-binding crate is a repository containing sys FFI and binding libraries crates for connecting to PulseAudio PA from the Rust programming language.Mozilla Rust libpulse-binding crate memory corruption vulnerability, which stems from a security flaw in A security vulnerability exists i...

DEBIAN-CVE-2009-1299

The pamakesecuredir function in core-util.c in PulseAudio 0.9.10 and 0.9.19 allows local users to change the ownership and permissions of arbitrary files via a symlink attack on a /tmp/.esd- temporary file...

Pulse Audio setuid Privilege Escalation

!/bin/bash pulseaudio=which pulseaudio workdir="/tmp" workdir=$HOME id=which id shell=which sh trap cleanup INT function cleanup rm -f $workdir/sh $workdir/sh.c $workdir/parace $workdir/parace.c rm -rf $workdir/PATMP cat $workdir/parace.c include include include include include define...

Race Condition

Overview Affected versions of this package are vulnerable to Race Condition. Race condition in PulseAudio 0.9.9, 0.9.10, and 0.9.14 allows local users to gain privileges via vectors involving creation of a hard link, related to the application setting LDBINDNOW to 1, and then calling execv on the...

PT-2009-4355 · Pulseaudio · Pulseaudio

Name of the Vulnerable Software and Affected Versions: PulseAudio versions 0.9.9 through 0.9.14 Description: A race condition exists that allows local users to gain privileges. This issue involves the creation of a hard link and is related to the application setting LD BIND NOW to 1, and then...

CVE-2009-0794

Integer overflow in the PulseAudioTargetDataL class in src/java/org/classpath/icedtea/pulseaudio/PulseAudioTargetDataLine.java in Pulse-Java, as used in OpenJDK 1.6.0.0 and other products, allows remote attackers to cause a denial of service applet crash via a crafted Pulse Audio source data line...

PT-2009-3397 · Oracle +1 · Openjdk +1

Name of the Vulnerable Software and Affected Versions: Pulse-Java versions prior to the fixed version OpenJDK version 1.6.0.0 Description: The issue is related to an integer overflow in the PulseAudioTargetDataL class. This allows remote attackers to cause a denial of service, resulting in an...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS. PulseAudio 0.9.5 allows remote attackers to cause a denial of service daemon crash via 1 a PAPSTREAMDESCRIPTORLENGTH value of FRAMESIZEMAXALLOW sent on TCP port 9875, which triggers a p-export assertion failure in...