source: wwwsecurityfocuscom/bid/262/info
The setuid root "midikeys" executable can be used to edit arbitrary files via its graphical user interface This grants malicious users root access to the system
Running the midikeys application, clicking in sounds, and then songs will bring up a file dialog By entering a filename of a known fil ...