Vulnerability Details CVE-1999-0433
XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 39.6%
CVSS Severity
CVSS v2 Score 4.6
References
Products affected by CVE-1999-0433
-
cpe:2.3:a:xfree86_project:x11r6:3.3.3
-
cpe:2.3:o:netbsd:netbsd:1.3.2
-
cpe:2.3:o:netbsd:netbsd:1.3.3
-
cpe:2.3:o:redhat:linux:5.1
-
cpe:2.3:o:redhat:linux:5.2
-
cpe:2.3:o:slackware:slackware_linux:3.3
-
cpe:2.3:o:slackware:slackware_linux:3.4
-
cpe:2.3:o:slackware:slackware_linux:3.5
-
cpe:2.3:o:slackware:slackware_linux:3.6
-
cpe:2.3:o:slackware:slackware_linux:4.0
-
cpe:2.3:o:suse:suse_linux:5.1
-
cpe:2.3:o:suse:suse_linux:5.2
-
cpe:2.3:o:suse:suse_linux:6.0
-
cpe:2.3:o:suse:suse_linux:6.1