CVE-2010-3363

Name of the Vulnerable Software and Affected Versions roaraudio version 0.3

Description The issue in roaraudio allows local users to gain privileges via a Trojan horse shared library in the current working directory. This is due to roarify placing a zero-length directory name in the LD LIBRARY PATH.

Recommendations For roaraudio version 0.3, consider restricting access to the LD LIBRARY PATH environment variable to prevent unauthorized modifications, and avoid using the roarify function in untrusted environments until a fix is available.