[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247862

 
 

909

 
 

194603

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2007-5958Date: (C)2008-01-18   (M)2023-12-22


X.Org Xserver before 1.4.1 allows local users to determine the existence of arbitrary files via a filename argument in the -sp option to the X program, which produces different error messages depending on whether the filename exists.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE
  
Reference:
SECTRACK-1019232
SUNALERT-103205
http://www.securityfocus.com/archive/1/487335/100/0/threaded
SUNALERT-230901
BID-27336
BID-27356
SECUNIA-28273
SECUNIA-28532
SECUNIA-28535
SECUNIA-28536
SECUNIA-28539
SECUNIA-28540
SECUNIA-28542
SECUNIA-28543
SECUNIA-28550
SECUNIA-28584
SECUNIA-28592
SECUNIA-28616
SECUNIA-28718
SECUNIA-28843
SECUNIA-28885
SECUNIA-28997
SECUNIA-29420
SECUNIA-29622
SECUNIA-29707
SECUNIA-30161
SECUNIA-32545
EXPLOIT-DB-5152
ADV-2008-0179
ADV-2008-0184
ADV-2008-0497
ADV-2008-0924
ADV-2008-3000
APPLE-SA-2008-03-18
DSA-1466
FEDORA-2008-0760
FEDORA-2008-0831
GLSA-200801-09
GLSA-200804-05
GLSA-200805-07
MDVSA-2008:021
MDVSA-2008:022
MDVSA-2008:023
MDVSA-2008:025
RHSA-2008:0029
RHSA-2008:0030
RHSA-2008:0031
SSRT080083
SUSE-SA:2008:003
SUSE-SR:2008:008
USN-571-1
http://www.openbsd.org/errata41.html#012_xorg
http://www.openbsd.org/errata42.html#006_xorg
http://lists.freedesktop.org/archives/xorg/2008-January/031918.html
http://bugs.gentoo.org/show_bug.cgi?id=204362
http://docs.info.apple.com/article.html?artnum=307562
http://support.avaya.com/elmodocs2/security/ASA-2008-084.htm
https://issues.rpath.com/browse/RPL-1970
oval:org.mitre.oval:def:10991
oval:org.mitre.oval:def:5393
xorg-xsp-information-disclosure(39769)

CWE    1
CWE-200
OVAL    3
oval:org.mitre.oval:def:8106
oval:org.secpod.oval:def:301636
oval:org.secpod.oval:def:301304

© SecPod Technologies