according to the CVE page [1], the flaw described by CVE-2008-2826 at most could be used to cause a denial of service by local users. hence, this should be listed as a low-urgency issue in the tracker. thanks. [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2826