CVE

Id
24180  
CVE No.
CVE-2007-0823  
Status
Candidate  
Description
xterm on Slackware Linux 10.2 stores information that had been displayed for a different user account using the same xterm process, which might allow local users to bypass file permissions and read other users" files, or obtain other sensitive information, by reading the xterm process memory. NOTE: it could be argued that this is an expected consequence of multiple users sharing the same interactive process, in which case this is not a vulnerability.  
Phase
Assigned (20070207)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
236746 24180 CVE-2007-0823 FULLDISC:20070201 umount crash and xterm (kind of) information leak!  View
236747 24180 CVE-2007-0823 URL:http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0012.html  View
236748 24180 CVE-2007-0823 MISC:http://gotfault.wordpress.com/2007/02/01/a-funny-case/  View
236749 24180 CVE-2007-0823 OSVDB:33651  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
52857 JVNDB-2007-001549 FlashFXP におけるサービス運用妨害 (DoS) の脆弱性 FlashFXP は、バッファオーバーフローを発生するため、サービス運用妨害 (CPU の消費) 状態となる脆弱性が存在します。 CVE-2007-0825 24180 7.8 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-001549.html  View