Описание
X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.0.2-0ubuntu10.7 |
| devel | released | 1.2.0-3ubuntu8 |
| edgy | released | 1.1.1-0ubuntu12.2 |
| feisty | released | 1.2.0-3ubuntu8 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
7.2 High
CVSS2
Связанные уязвимости
X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile.
X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 ina ...
X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile.
EPSS
7.2 High
CVSS2