3 matches found
FreeBSD : kpopup -- local root exploit and local denial of service (1613db79-8e52-11da-8426-000fea0a9611)
Mitre CVE reports : Format string vulnerability in main.cpp in kpopup 0.9.1-0.9.5pre2 allows local users to cause a denial of service segmentation fault and possibly execute arbitrary code via format string specifiers in command line arguments. misc.cpp in KPopup 0.9.1 trusts the PATH variable wh...
CVE-2003-1167
KPopup 0.9.1 exposes two local-privilege/vulnerability issues. First, a format-string vulnerability in main.cpp (kpopup 0.9.1–0.9.5pre2) can allow local users to cause a denial of service (segmentation fault) and potentially execute arbitrary code via crafted format specifiers in command line arg...
CVE-2003-1167
misc.cpp in KPopup 0.9.1 trusts the PATH variable when executing killall, which allows local users to elevate their privileges by modifying the PATH variable to reference a malicious killall program...