MidnightBSD

Advisories for synaesthesia

CVE-2004-0160 HIGH

Synaesthesia 2.2 and earlier allows local users to execute arbitrary code via a symlink attack on the configuration file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
synaesthesia synaesthesia 2.1.2
synaesthesia synaesthesia 2.1.0
synaesthesia synaesthesia 2.1.1
synaesthesia synaesthesia 2.2
CVE-2005-0070 HIGH

Synaesthesia 2.1 and earlier, and possibly other versions, when installed setuid root, does not drop privileges before processing configuration and mixer files, which allows local users to read arbitrary files.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
synaesthesia synaesthesia *