Definition

Security Vulnerability in the Solaris X Server May Lead to Unauthorized Disclosure of Information on Access Restricted Files and Directories

oval:org.mitre.oval:def:5393

X.Org Xserver before 1.4.1 allows local users to determine the existence of arbitrary files via a filename argument in the -sp option to the X program which produces different error messages depending on whether the filename exists.

Family:

unix

Status:

ACCEPTED

Platform(s):

Sun Solaris 8
Sun Solaris 10
Sun Solaris 9

Class:

vulnerability

Reference(s):

CVE-2007-5958

Product(s):