Buffer overflow in certain functions in src/fileio.c and src/unix/fileio.c in xmame before 11 January 2006 may allow local users to gain privileges via a long (1) -lang, (2) -ctrlr, (3) -pb, or (4) -rec argument on many operating systems, and via a long (5) -jdev argument on Ubuntu Linux.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Xmame | Xmame | 0.102 (including) | 0.102 (including) |
| Xmame | Ubuntu | dapper | * |
| Xmame | Ubuntu | devel | * |
| Xmame | Ubuntu | edgy | * |
| Xmame | Ubuntu | feisty | * |
| Xmame | Ubuntu | gutsy | * |
| Xmame | Ubuntu | hardy | * |
| Xmame | Ubuntu | intrepid | * |
| Xmame | Ubuntu | jaunty | * |
| Xmame | Ubuntu | karmic | * |
References
- http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0353.html
- http://www.securityfocus.com/archive/1/421849/100/0/threaded
- http://www.securityfocus.com/bid/16203
- http://x.mame.net/changes-unix.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24102
- http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0353.html
- http://www.securityfocus.com/archive/1/421849/100/0/threaded
- http://www.securityfocus.com/bid/16203
- http://x.mame.net/changes-unix.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24102