VYPR

Arts

by KDE

CVEs (3)

  • CVE-2006-2916HigJun 15, 2006
    risk 0.51cvss 7.8epss 0.00

    artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges.

  • CVE-2015-7543HigJul 25, 2017
    risk 0.46cvss 7.0epss 0.00

    aRts 1.5.10 and kdelibs3 3.5.10 and earlier do not properly create temporary directories, which allows local users to hijack the IPC by pre-creating the temporary directory.

  • CVE-2002-0819Aug 12, 2002
    risk 0.00cvss epss 0.00

    Format string vulnerability in artsd, when called by artswrapper, allows local users to gain privileges via format strings in the -a argument, which results in an error message that is not properly handled in a call to the arts_fatal function.