2 matches found
CVE-1999-1210
Affected software: xterm on Digital UNIX 4.0B with patch kit 5. The vulnerability arises from a symlink attack on a core-dump file created when xterm is invoked with DISPLAY set to an inaccessible display. Local attackers can use this to overwrite arbitrary files. The description does not provide...
CVE-1999-1210
xterm in Digital UNIX 4.0B with patch kit 5 allows local users to overwrite arbitrary files via a symlink attack on a core dump file, which is created when xterm is called with a DISPLAY environmental variable set to a display that xterm cannot access...