CVE-1999-0433
CVSS 2.0 Score 4.6 of 10 (medium)
Details
Published Mar 21, 1999
Updated: Nov 20, 2024
Summary
CVE-1999-0433 is a vulnerability in the XFree86 startx command, which initiates the X Window System session. Through a symlink attack, a local attacker can cause the command to create files in restricted directories, potentially resulting in privilege escalation or a denial of service. The issue was identified in 1999 and can be mitigated by implementing proper file access controls and avoiding the use of symlinks from untrusted sources.
Affected Products
- SUSE Linux Enterprise Server
- NetBSD
- Red Hat Enterprise Linux
Affected Vendors
- Red Hat
- SUSE Linux GmbH
- NetBSD