First published: Tue Nov 20 2007(Updated: )
Audacity 1.3.2 creates a temporary directory with a predictable name without checking for previous existence of that directory, which allows local users to cause a denial of service (recording deadlock) by creating the directory before Audacity is run. NOTE: this issue can be leveraged to delete arbitrary files or directories via a symlink attack.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Audacityteam Audacity | =1.3.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.