Multiple stack-based buffer overflows in (a) acon.c, (b) menu.c, and (c) child.c in Acon 1.0.5-5 through 1.0.5-7 allow local users to execute arbitrary code via (1) a long HOME environment variable or (2) a large number of terminal columns.
Software | From | Fixed in |
---|---|---|
ahmed_abdel-hamid_mohamed / acon | 1.0.5-5 | 1.0.5-5.x |
ahmed_abdel-hamid_mohamed / acon | 1.0.5-6 | 1.0.5-6.x |
ahmed_abdel-hamid_mohamed / acon | 1.0.5-7 | 1.0.5-7.x |