CVE-2009-1573

🗓️ 06 May 2009 17:00:00Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 62 Views

xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly other operating systems places magic cookie (MCOOKIE) on the command line, allowing local users to gain privileges

Reporter	Title	Published	Views	Family All 17
Cvelist	CVE-2009-1573	6 May 200917:00	–	cvelist
Debian CVE	CVE-2009-1573	6 May 200917:00	–	debiancve
EUVD	EUVD-2009-1569	7 Oct 202500:30	–	euvd
Fedora	[SECURITY] Fedora 14 Update: xorg-x11-server-1.9.0-9.fc14	23 Sep 201012:53	–	fedora
Tenable Nessus	Fedora 14 : xorg-x11-server-1.9.0-9.fc14 (2010-14754)	24 Sep 201000:00	–	nessus
Tenable Nessus	Ubuntu 8.04 LTS / 9.04 / 9.10 : xorg-server vulnerabilities (USN-939-1)	19 May 201000:00	–	nessus
NVD	CVE-2009-1573	6 May 200917:30	–	nvd
OpenVAS	Ubuntu: Security Advisory (USN-939-1)	28 May 201000:00	–	openvas
OpenVAS	Fedora Update for xorg-x11-server FEDORA-2010-14754	2 Dec 201000:00	–	openvas
OpenVAS	Ubuntu Update for xorg-server vulnerabilities USN-939-1	28 May 201000:00	–	openvas

NVD

Node

debian debian_linux

redhat fedoraMatch10

ubuntu linux

AND

branden_robinson xvfb-runMatch1.6.1

Source	Link
bugs	www.bugs.debian.org/cgi-bin/bugreport.cgi
secunia	www.secunia.com/advisories/39834
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/50348
openwall	www.openwall.com/lists/oss-security/2009/05/05/4
openwall	www.openwall.com/lists/oss-security/2009/05/05/2
securityfocus	www.securityfocus.com/bid/34828
vupen	www.vupen.com/english/advisories/2010/1185
ubuntu	www.ubuntu.com/usn/USN-939-1

16 Jun 2026 23:07Current

6.5Medium risk

Vulners AI Score6.5

CVSS 24.6

EPSS0.00456

CWE-264