ALT-PU-2024-16850-3
Closed vulnerabilities
Published: 2020-12-01
BDU:2024-06966
Уязвимость компонента AudacityApp.cpp аудиоредактора звуковых файлов Audacity, связанная с настройками прав доступа по умолчанию, позволяющая нарушителю получить доступ к конфиденциальным данным
Severity: LOW (3.3)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
References:
Published: 2017-07-17
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2017-1000010
Audacity 2.1.2 through 2.3.2 is vulnerable to Dll HIjacking in the avformat-55.dll resulting arbitrary code execution.
Severity: HIGH (7.8)
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2020-12-01
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2020-11867
Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and play the temporary audio .au files located there.
Severity: LOW (3.3)
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
References: