BubbleMon 1.31 does not properly drop group privileges before executing programs, which allows local users to execute arbitrary commands with the kmem group id.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| timecop | bubblemon | 1.1test1 |
| timecop | bubblemon | 1.1test6 |
| timecop | bubblemon | 1.31 |
| timecop | bubblemon | 1.0pl2 |
| timecop | bubblemon | 1.1test3 |
| timecop | bubblemon | 1.21 |
| timecop | bubblemon | 1.21test1 |
| timecop | bubblemon | 1.0pl4 |
| timecop | bubblemon | 1.0pl9 |
| timecop | bubblemon | 1.0 |
| timecop | bubblemon | 1.0pl6 |
| timecop | bubblemon | 1.1 |
| timecop | bubblemon | 1.1test2 |
| timecop | bubblemon | 1.22 |
| timecop | bubblemon | 1.0pl8 |
| timecop | bubblemon | 1.2 |
| timecop | bubblemon | 1.0pl7 |
| timecop | bubblemon | 1.1test4 |
| timecop | bubblemon | 1.0pl1 |
| timecop | bubblemon | 1.1test7 |
| freebsd | freebsd | 6.2 |
| timecop | bubblemon | 1.2test1 |
| timecop | bubblemon | 1.1test5 |
| timecop | bubblemon | 1.23 |
| timecop | bubblemon | 1.0pl3 |
| timecop | bubblemon | 1.3 |
Buffer overflow in wmcube-gdk for WMCube/GDK 0.98 allows local users to execute arbitrary code via long lines in the object description file.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| timecop | wmcube_gdk | 0.98 |