CVE-2012-3485

Tunnelblick 3.3beta20 and earlier relies on argv[0] to determine the name of an appropriate (1) kernel module pathname or (2) executable file pathname, which allows local users to gain privileges via an execl system call.

Date published : 2012-08-26

http://code.google.com/p/tunnelblick/issues/detail?id=212

http://www.exploit-db.com/exploits/24578