Common Desktop Environment 1.6 Local Privilege Escalation Exploit

A buffer overflow in the SanityCheck function in the Common Desktop Environment version distributed with Oracle Solaris 10 1/13 Update 11 and earlier allows local users to gain root privileges via a long calendar name or calendar owner passed to sdtcmconvert in a malicious calendar file. The open...