VULHUB ™

A vulnerability has been reported for Musicqueue. The problem specifically occurs within a signal handling procedure used invoked when a segmentation violation occurs. The procedure invokes a library function, passing it the name of a predictable filename to create within the systems temporary directory. As a result, an attacker may be capable of launching a symbolic link attack, effectively overwriting the contents of a potentially system critical file with the contents of the created file. This could theoretically lead to a denial of service condition, or in some cases privileged elevation.

A vulnerability has been reported for Musicqueue. The problem specifically occurs within a signal handling procedure used invoked when a segmentation violation occurs. The procedure invokes a library function, passing it the name of a predictable filename to create within the systems temporary directory. As a result, an attacker may be capable of launching a symbolic link attack, effectively overwriting the contents of a potentially system critical file with the contents of the created file. This could theoretically lead to a denial of service condition, or in some cases privileged elevation.