Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Buffer overflow in Alsaplayer 0.99.71, when installed setuid root, allows local users to execute arbitrary code via a long (1) -f or (2) -o command line argument.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Alsplayer本地缓冲区溢出漏洞
Vulnerability Description
Alsaplayer是一款利用ALSA库和驱动的PCM播放器,可使用在Linux和Unix操作系统下。 Alsaplayer在处理"add-on path"选项时存在问题,本地攻击者可以利用这个漏洞进行缓冲区溢出攻击。 Alsaplayer在处理超长"add-on path"选项数据时缺少正确的边界缓冲区检查,本地攻击者利用这个漏洞可以破坏Alsaplayer堆栈内容,造成Alsaplayer崩溃,Alsaplayer默认不以setuid属性安装,但根据作者建议,要增加部分功能必须增加S位。
CVSS Information
N/A
Vulnerability Type
N/A