CVE 2005-0072
zhcon before 0.2 does not drop privileges before reading a user configuration file, which allows local users to read arbitrary files.
See the
CVE page on Mitre.org
for more details.
zhcon before 0.2 does not drop privileges before reading a user configuration file, which allows local users to read arbitrary files.