CVE-1999-0433

CVSS 2.0 Score 4.6 of 10 (medium)

Details

Published: Mar 21, 1999
Updated: Nov 20, 2024

Summary

CVE-1999-0433 is a vulnerability in the XFree86 startx command, which initiates the X Window System session. By exploiting a symlink attack, a local user can manipulate the command into creating files in restricted directories, potentially resulting in privilege escalation or a denial of service. The issue was identified in 1999 and can be mitigated by implementing proper file access controls and avoiding the use of symlinks from untrusted sources.

Affected Products

  • SUSE Linux Enterprise Server
  • NetBSD
  • Red Hat Enterprise Linux

Affected Vendors

  • Red Hat
  • SUSE Linux GmbH
  • NetBSD