CVE-2009-1756

2009-05-22T11:52:00
ID CVE-2009-1756
Type cve
Reporter cve@mitre.org
Modified 2017-08-17T01:30:00

Description

SLiM Simple Login Manager 1.3.0 places the X authority magic cookie (mcookie) on the command line when invoking xauth from (1) app.cpp and (2) switchuser.cpp, which allows local users to access the X session by listing the process and its arguments.