Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1472

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2002-1472
Last Modified 05 Sep 2008 04:30:41
Published 03 Mar 2003 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2002-1472

Summary

Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified LD_PRELOAD environment variable that points to a malicious module.

Vulnerable Systems

Application

  • Xfree86 Project X11r6 4.1.0

  • Xfree86 Project X11r6 4.2.0


References

BID - 5735

XF - xfree86-x11-program-execution(10137)

SUSE - SuSE-SA:2002:032

REDHAT - RHSA-2003:067

REDHAT - RHSA-2003:066

OSVDB - 11922

CONECTIVA - CLA-2002:529


Last Updated: 27 May 2016 10:37:20