Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2009-1894
HistoryJul 17, 2009 - 12:00 a.m.

CVE-2009-1894

2009-07-1700:00:00
ubuntu.com
ubuntu.com
11

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON

Race condition in PulseAudio 0.9.9, 0.9.10, and 0.9.14 allows local users
to gain privileges via vectors involving creation of a hard link, related
to the application setting LD_BIND_NOW to 1, and then calling execv on the
target of the /proc/self/exe symlink.

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchpulseaudio<Β 0.9.10-1ubuntu1.1UNKNOWN
ubuntu8.10noarchpulseaudio<Β 0.9.10-2ubuntu9.4UNKNOWN
ubuntu9.04noarchpulseaudio<Β 1:0.9.14-0ubuntu20.2UNKNOWN

Related

nessus 4
debian 1
gentoo 1
openvas 10
securityvulns 3
prion 2
ubuntu 1
osv 1
seebug 2
cve 2
debiancve 1
packetstorm 1
ubuntucve 1
exploitpack 1
exploitdb 1
nessus
nessus
GLSA-200907-13 : PulseAudio: Local privilege escalation
2009-07-17 00:00:00
Mandriva Linux Security Advisory : pulseaudio (MDVSA-2009:152)
2009-07-20 00:00:00
Ubuntu 8.04 LTS / 8.10 / 9.04 : pulseaudio vulnerability (USN-804-1)
2009-07-17 00:00:00
debian
debian
[SECURITY] [DSA 1838-1] New pulseaudio packages fix privilege escalation
2009-07-18 12:18:19
gentoo
gentoo
PulseAudio: Local privilege escalation
2009-07-16 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-1838-1)
2009-07-29 00:00:00
Gentoo Security Advisory GLSA 200907-13 (pulseaudio)
2009-07-29 00:00:00
Ubuntu USN-804-1 (pulseaudio)
2009-07-29 00:00:00
securityvulns
securityvulns
PulseAudio race conditions
2009-07-18 00:00:00
PulseAudio local race condition privilege escalation vulnerability
2009-07-18 00:00:00
The GNU C library dynamic linker expands $ORIGIN in setuid library search path
2010-10-24 00:00:00
prion
prion
Race condition
2009-07-17 16:30:00
Null pointer dereference
2009-07-20 17:30:00
ubuntu
ubuntu
PulseAudio vulnerability
2009-07-16 00:00:00
osv
osv
pulseaudio - privilege escalation
2009-07-18 00:00:00
seebug
seebug
Linux Kernel tun_chr_pool()ε‡½ζ•°η©ΊζŒ‡ι’ˆεΌ•η”¨ζΌζ΄ž
2009-07-20 00:00:00
GNU C library dynamic linker $ORIGIN expansion Vulnerability
2014-07-01 00:00:00
cve
cve
CVE-2009-1894
2009-07-17 16:30:00
CVE-2009-1897
2009-07-20 17:30:00
debiancve
debiancve
CVE-2009-1894
2009-07-17 16:30:00
packetstorm
packetstorm
GNU C Library Dynamic Linker $ORIGIN Expansion Vulnerability
2010-10-19 00:00:00
ubuntucve
ubuntucve
CVE-2009-1897
2009-07-20 00:00:00
exploitpack
exploitpack
GNU C library dynamic linker - $ORIGIN Expansion
2010-10-18 00:00:00
exploitdb
exploitdb
GNU C library dynamic linker - &#039;$ORIGIN&#039; Expansion
2010-10-18 00:00:00

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON
Related for UB:CVE-2009-1894
nessus4debian1gentoo1openvas10securityvulns3prion2ubuntu1osv1seebug2cve2debiancve1packetstorm1ubuntucve1exploitpack1exploitdb1