mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-23 06:39:42 +02:00
0xMarcio
733 B
733 B
CVE-2006-4842
Description
The Netscape Portable Runtime (NSPR) API 4.6.1 and 4.6.2, as used in Sun Solaris 10, trusts user-specified environment variables for specifying log files even when running from setuid programs, which allows local users to create or overwrite arbitrary files.