4.6
CVE-2009-1573
- EPSS 0.46%
- Veröffentlicht 06.05.2009 17:30:09
- Zuletzt bearbeitet 16.06.2026 23:07:33
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly other operating systems place the magic cookie (MCOOKIE) on the command line, which allows local users to gain privileges by listing the process and its arguments.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Branden Robinson ≫ Xvfb-run Version1.6.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.46% | 0.361 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.6 | 3.9 | 6.4 |
AV:L/AC:L/Au:N/C:P/I:P/A:P
|
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526678
http://secunia.com/advisories/39834
http://www.openwall.com/lists/oss-security/2009/05/05/2
http://www.openwall.com/lists/oss-security/2009/05/05/4
http://www.securityfocus.com/bid/34828
http://www.ubuntu.com/usn/USN-939-1
http://www.vupen.com/english/advisories/2010/1185
https://exchange.xforce.ibmcloud.com/vulnerabilities/50348