CVE-2006-4842

Publication date 12 October 2006

Last updated 24 July 2024


Ubuntu priority

The Netscape Portable Runtime (NSPR) API 4.6.1 and 4.6.2, as used in Sun Solaris 10, trusts user-specified environment variables for specifying log files even when running from setuid programs, which allows local users to create or overwrite arbitrary files.

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
firefox 7.04 feisty
Not affected
6.10 edgy
Not affected
6.06 LTS dapper
Not affected