ToolTalk Library Buffer Overflow Vulnerability

ToolTalk is part of the Common Desktop Environment (CDE) package distributed with various commercial implementations of the Unix Operating System.

A problem has been found that could allow local users unauthorized access to system resources. Improper bounds checking in the ToolTalk library makes any executable linked against the library vulnerable to a buffer overflow.

This could result in a local user executing arbitrary code with elevated privileges.


 

Copyright 2010, SecurityFocus