Privilege Escalation Vulnerability in Synaesthesia 2.1 and Earlier

Privilege Escalation Vulnerability in Synaesthesia 2.1 and Earlier

CVE-2005-0070 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

Synaesthesia 2.1 and earlier, and possibly other versions, when installed setuid root, does not drop privileges before processing configuration and mixer files, which allows local users to read arbitrary files.

Learn more about our User Device Pen Test.