Lucene search

[email protected]CVE-2004-0157

HistoryJun 01, 2004 - 4:00 a.m.

CVE-2004-0157

2004-06-0104:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2004-0157

x11.c

xonix 1.4

local users

arbitrary code

security vulnerability

7 High

AI Score

Confidence

High

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

25.3%

JSON

x11.c in xonix 1.4 and earlier uses the current working directory to find and execute the rmail program, which allows local users to execute arbitrary code by modifying the path to point to a malicious rmail program.

CPENameOperatorVersion
xonix:xonixxonixle1.4

CPE	Name	Operator	Version
xonix:xonix	xonix	le	1.4

References

secunia.com/advisories/11382

securitytracker.com/id?1009789

shellcode.org/Advisories/XONIX.txt

www.debian.org/security/2004/dsa-484

www.osvdb.org/5358

www.securityfocus.com/bid/10149

exchange.xforce.ibmcloud.com/vulnerabilities/15873

7 High

AI Score

Confidence

High

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

25.3%

JSON

Related for CVE-2004-0157

nessus2 debian1 osv1 ubuntucve1 cvelist1 openvas2 debiancve1