CVE-1999-1210 Information

Feb 14, 2021 cve

Description

xterm in Digital UNIX 4.0B with patch kit 5 allows local users to overwrite arbitrary files via a symlink attack on a core dump file which is created when xterm is called with a DISPLAY environmental variable set to a display that xterm cannot access.

Reference

http://marc.info/?l=bugtraq&m=87936891504885&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/613

Share on: