CVE-2006-4801 Information

Description

Race condition in Deja Vu as used in Roxio Toast Titanium 7 and possibly other products allows local users to execute arbitrary code via temporary files including dejavu_manual.rb which are executed with raised privileges.

Reference

http://secunia.com/advisories/21867 http://www.netragard.com/pdfs/research/ROXIO_RACE_NETRAGARD-20060624.txt http://www.securityfocus.com/bid/19955 http://www.vupen.com/english/advisories/2006/3608