XSOK LANG Environment Variable Local Buffer Overrun Vulnerability

xsok is prone to a locally exploitable buffer overrun vulnerability due to insufficient bounds check of data supplied through the LANG environment variable. This could be exploited to execute arbitrary code with elevated privileges. The program is typically installed setgid games.


 

Privacy Statement
Copyright 2010, SecurityFocus