Audacity 1.3.2 creates a temporary directory with a predictable name without checking for previous existence of that directory, which allows local users to cause a denial of service (recording deadlock) by creating the directory before Audacity is run. NOTE: this issue can be leveraged to delete arbitrary files or directories via a symlink attack.
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Audacity | Audacityteam | 1.3.2 (including) | 1.3.2 (including) |
Audacity | Ubuntu | dapper | * |
Audacity | Ubuntu | edgy | * |
Audacity | Ubuntu | feisty | * |
Audacity | Ubuntu | gutsy | * |
Audacity | Ubuntu | upstream | * |