2 matches found
CVE-2011-2777
CVE-2011-2777 affects acpid/acpid2 (2.0.16 and older). The flaw lies in how powerbtn.sh uses the pidof program, which can be exploited by a local attacker to gain elevated privileges by launching a program named kded4 with a crafted DBUS_SESSION_BUS_ADDRESS. Impact is local privilege escalation. ...
CVE-2011-4578
CVE-2011-4578 affects the acpid (aka acpid2) package: the file event.c executes event-handler scripts without a proper umask prior to version 2.0.11. This may allow a local attacker to either (1) write into directories created by a script or (2) read files created by a script via standard filesys...