Mono Integer Overflow May Let Local Users Gain Elevated Privileges
|
|
SecurityTracker Alert ID: 1018892
|
|
SecurityTracker URL: http://securitytracker.com/id?1018892
|
|
CVE Reference: CVE-2007-5197
(Links to External Site)
|
Date: Nov 5 2007
|
Impact: User access via local system
|
Version(s): 1.2.5.1
|
Description: A vulnerability was reported in Mono. A local user may be able to obtain elevated privileges on the target system.
A local user may be able to cause an application that uses Mono to trigger an integer overflow in the Mono BigInteger Reduce() function
to execute arbitrary code. The code will run with the privileges of the target application.
The .NET runtime version is affected.
Other versions may also be affected.
|
Impact: A local user may be able to obtain elevated privileges on the target system.
|
Solution: No solution was available at the time of this entry.
|
Vendor URL: www.mono-project.com/ (Links to External Site)
|
Cause: Boundary error
|
Underlying OS: Linux (Any), UNIX (Any)
|
Reported By: Moritz Muehlenhoff <jmm@debian.org>
|
Message History:
None.
|
Source Message Contents
|
|
|
[Original Message Not Available for Viewing]
|
|
