source: wwwsecurityfocuscom/bid/452/info
There is an unchecked sprintf() call in the versions of /usr/openwin/bin/kcms_configure shipped with solaris 25, 251 and 26 Unfortunately, kcms_configure is installed setuid root, making it possible for an attacker to overflow the buffer and have arbitrary code executed with superuser privile ...
/*
source: wwwsecurityfocuscom/bid/452/info
There is an unchecked sprintf() call in the versions of /usr/openwin/bin/kcms_configure shipped with solaris 25, 251 and 26 Unfortunately, kcms_configure is installed setuid root, making it possible for an attacker to overflow the buffer and have arbitrary code executed with superuser priv ...