Orville-Write Multiple Unspecified Buffer Overrun Vulnerabilities

info
discussion
exploit
solution
references

Orville-Write Multiple Unspecified Buffer Overrun Vulnerabilities

Multiple unspecified buffer overrun vulnerabilities have been discovered in Orville-Write. The problems likely occur due to insufficient bounds checking when processing user-supplied command-line arguments or environment variables.

If the Orville-Write application has been installed setuid or setgid, this vulnerability could potentially be exploited to gain elevated privileges.