CVE-2005-0072

Name of the Vulnerable Software and Affected Versions zhcon versions prior to 0.2

Description The issue allows local users to read arbitrary files due to the software not dropping privileges before reading a user configuration file. This can lead to a breach of confidentiality of protected information. The exploitation of this issue can be carried out by a local attacker.

Recommendations For versions prior to 0.2, update to version 0.2 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive files that could be read through this issue until the update is applied.