CVE-2014-4910 Information

Description

Directory traversal vulnerability in tools/backlight_helper.c in X.Org xf86-video-intel 2.99.911 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the interface name.

Reference

http://lists.x.org/archives/xorg-commit/2014-July/036840.html http://osvdb.org/show/osvdb/108851 http://seclists.org/oss-sec/2014/q3/138 http://seclists.org/oss-sec/2014/q3/39 https://exchange.xforce.ibmcloud.com/vulnerabilities/94746