FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-19 20:48:44 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
d371b627-6ed5-11d9-bd18-000a95bc6fae	zhcon -- unauthorized file access Martin Joey Schulze reports: Erik SjÃ¶und discovered that zhcon, a fast console CJK system using the Linux framebuffer, accesses a user-controlled configuration file with elevated privileges. Thus, it is possible to read arbitrary files. When installed from the FreeBSD Ports Collection, zhcon is installed set-user-ID root. Discovery 2005-01-25 Entry 2005-01-25 zhcon zh-zhcon < 0.2.3_3 CVE-2005-0072

VuXML ID

Description

d371b627-6ed5-11d9-bd18-000a95bc6fae

zhcon -- unauthorized file access

Martin Joey Schulze reports:

Erik SjÃ¶und discovered that zhcon, a fast console CJK system using the Linux framebuffer, accesses a user-controlled configuration file with elevated privileges. Thus, it is possible to read arbitrary files.

When installed from the FreeBSD Ports Collection, zhcon is installed set-user-ID root.

Discovery 2005-01-25
Entry 2005-01-25
zhcon
zh-zhcon

< 0.2.3_3

CVE-2005-0072