Multiple buffer overflows in the SDL port of abuse (abuse-SDL) before 2.00 allow local users to execute arbitrary code via the command line.

The SDL port of abuse (abuse-SDL) before 2.00 does not properly drop privileges before creating certain files, which allows local users to create or overwrite arbitrary files.