tcl
Page content
- Author: voroskoi
- Vulnerable: 8.4.14-1
- Unaffected: 8.4.15-1terminus1
Martin Lemburg has reported a security issue in Tcl, which potentially can be exploited by malicious, local users to gain escalated privileges. The security issue is caused due to a boundary error within tcl/win/tclWinReg.c when processing overly long registry key names. This can be exploited to cause a buffer overflow by e.g. creating a malicious registry key and enticing another user to query it with an application using Tcl.
- Bug Tracker URL: http://bugs.frugalware.org/task/2118