CVE-2006-2409 Information

Description

Format string vulnerability in the raydium_log function in console.c in Raydium before SVN revision 310 allows local users to execute arbitrary code via format string specifiers in the format parameter which are not properly handled in a call to raydium_console_line_add.

Reference

http://aluigi.altervista.org/adv/raydiumx-adv.txt http://raydium.org/svn.php http://secunia.com/advisories/20097 http://securityreason.com/securityalert/900 http://www.securityfocus.com/archive/1/433930/100/0/threaded http://www.securityfocus.com/bid/17986 http://www.vupen.com/english/advisories/2006/1808 https://exchange.xforce.ibmcloud.com/vulnerabilities/26514