CVE-2004-0157 Information

Description

x11.c in xonix 1.4 and earlier uses the current working directory to find and execute the rmail program which allows local users to execute arbitrary code by modifying the path to point to a malicious rmail program.

Reference

http://secunia.com/advisories/11382 http://securitytracker.com/id?1009789 http://shellcode.org/Advisories/XONIX.txt http://www.debian.org/security/2004/dsa-484 http://www.osvdb.org/5358 http://www.securityfocus.com/bid/10149 https://exchange.xforce.ibmcloud.com/vulnerabilities/15873