cpe:/a:ahmed_abdel-hamid_mohamed:acon:1.0.5-5 cpe:/a:ahmed_abdel-hamid_mohamed:acon:1.0.5-6 cpe:/a:ahmed_abdel-hamid_mohamed:acon:1.0.5-7 CVE-2008-1994 2008-04-27T17:05:00.000-04:00 2017-08-07T21:30:40.120-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2008-04-28T13:14:00.000-04:00 ALLOWS_ADMIN_ACCESS BID 28862 SECUNIA 29909 XF acon-home-bo(41915) MISC http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475733 MISC http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476603 Multiple stack-based buffer overflows in (a) acon.c, (b) menu.c, and (c) child.c in Acon 1.0.5-5 through 1.0.5-7 allow local users to execute arbitrary code via (1) a long HOME environment variable or (2) a large number of terminal columns.