libiodbc: code execution
| Package(s): | libiodbc | CVE #(s): | |||||
| Created: | December 17, 2013 | Updated: | December 18, 2013 | ||||
| Description: | From the Slackware advisory:
This update fixes an rpath pointing to a location in /tmp that was found in two test programs (iodbctest and iodbctestw). This could have allowed a local attacker with write access to /tmp to add modified libraries (and execute arbitrary code) as any user running the test programs. | ||||||
| Alerts: |
| ||||||