CVE-2006-4801
Severity CVSS v4.0:
Pending analysis
Type:
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Publication date:
14/09/2006
Last modified:
03/04/2025
Description
Race condition in Deja Vu, as used in Roxio Toast Titanium 7 and possibly other products, allows local users to execute arbitrary code via temporary files, including dejavu_manual.rb, which are executed with raised privileges.
Impact
Base Score 2.0
6.20
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:roxio:toast:7:*:titanium:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://secunia.com/advisories/21867
- http://www.netragard.com/pdfs/research/ROXIO_RACE_NETRAGARD-20060624.txt
- http://www.securityfocus.com/bid/19955
- http://www.vupen.com/english/advisories/2006/3608
- http://secunia.com/advisories/21867
- http://www.netragard.com/pdfs/research/ROXIO_RACE_NETRAGARD-20060624.txt
- http://www.securityfocus.com/bid/19955
- http://www.vupen.com/english/advisories/2006/3608