CVE-2011-4578

Name of the Vulnerable Software and Affected Versions acpid versions prior to 2.0.11

Description The issue allows local users to potentially perform unauthorized write operations within directories created by a script or read files created by a script due to insufficient umask settings in event-handler scripts. This could lead to a breach of confidentiality, integrity, and availability of protected information. The exploitation of this issue can be carried out by a local attacker.

Recommendations For versions prior to 2.0.11, update to version 2.0.11 or later to resolve the issue. As a temporary workaround, consider setting an appropriate umask manually before executing event-handler scripts to minimize the risk of exploitation.