Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0141

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2009-0141
Last Modified 07 Mar 2011 10:17:57
Published 12 Feb 2009 07:30:05
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2009-0141

Summary

XTerm in Apple Mac OS X 10.4.11 and 10.5.6, when used with luit, creates tty devices with insecure world-writable permissions, which allows local users to write to the Xterm of another user.

Vulnerable Systems

Operating System

  • Apple Mac Os X 10.4.11

  • Apple Mac Os X 10.5.6

  • Apple Mac Os X Server 10.4.11

  • Apple Mac Os X Server 10.5.6


References

XF - macosx-xterm-information-disclosure(48727)

VUPEN - ADV-2009-0422

BID - 33798

CONFIRM - http://support.apple.com/kb/HT3438

SECTRACK - 1021729

SECUNIA - 33937

APPLE - APPLE-SA-2009-02-12

Related Patches

Apple 2009-02-12 Security Update 2009-001 Server (Tiger PPC)

Apple 2009-02-12 Security Update 2009-001 (Tiger PPC)

Apple 2009-02-12 Security Update 2009-001 Server (Tiger Intel)

Apple 2009-02-12 Security Update 2009-001 (Tiger Intel)


Last Updated: 27 May 2016 10:50:07