Mumble 1.2.3 and previous versions uses world-readable permissions for .local/share/data/Mumble/.mumble.sqlite files in home directories, which might allow local users to obtain a cleartext password and configuration data by reading a file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mumble mumble |
||
mumble mumble 1.2.2 |
||
mumble mumble 1.2.0 |