Viscosity contains a flaw that may allow a malicious local user to gain escalated privileges. The issue is due to the setuid-set ViscosityHelper binary executing arbitrary scripts insecurely. This may allow a local attacker to use a symlink attack to gain elevated privileges.
Local Access Required
Loss of Integrity
OSVDB is not aware of a solution for this vulnerability.