From 8fdf391a727f2c362181a50da361fb90c2fedf1c Mon Sep 17 00:00:00 2001 From: Jacques Vidrine Date: Thu, 24 Mar 2005 14:15:05 +0000 Subject: Document Wine information disclosure. Based on an entry that was Submitted by: Devon H. O'Dell Approved by: portmgr (blanket, VuXML) --- security/vuxml/vuln.xml | 43 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) (limited to 'security') diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index d5672b522163..3334d190cc59 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -32,6 +32,49 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. --> + + wine -- information disclosure due to insecure temporary + file handling + + + wine + 20050310 + + + + +

Due to insecure temporary file creation in the Wine Windows + emulator, it is possible for any user to read potentially + sensitive information from temporary registry files.

+
+

When a Win32 application is launched by wine, wine makes + a dump of the Windows registry in /tmp with name + regxxxxyyyy.tmp , where xxxxxx is the pid in hexadecimal + value of the current wine process and yyyy is an integer + value usually equal to zero.

+

regxxxxyyyy.tmp is created with 0644 (-rw-r--r--) + permissions. This could represent a security problem in a + multi-user environment. Indeed, any local user could + access to windows regstry's dump and get sensitive + information, like passwords and other private data.

+
+ +
+ + CAN-2005-0787 + http://marc.theaimsgroup.com/?l=bugtraq&m=111082537009842 + http://bugs.winehq.org/show_bug.cgi?id=2715 + http://www.securitytracker.com/alerts/2005/Mar/1013428.html + http://www.zone-h.org/advisories/read/id=7300 + http://www.securityfocus.com/bid/12791 + http://xforce.iss.net/xforce/xfdb/19697 + + + 2005-03-13 + 2005-03-24 + +
+ firefox -- arbitrary code execution from sidebar panel -- cgit v1.2.3
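Review bot: In the second description paragraph the file name is written as regxxxxyyyy.tmp (four x characters) while the same sentence says "xxxxxx is the pid" (six), and the third paragraph has "could access to windows regstry's dump". If this text is quoted verbatim from the advisory it can stay as is, otherwise make the placeholder consistent and correct the spelling of "registry". In the references, the marc.theaimsgroup.com URL has an "&" between its l= and m= query parameters, which must be written as &amp; in vuln.xml for the file to stay well-formed. This rendering shows it bare, so confirm the escaping in the source before the entry goes in.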