CVE-2011-4028

Published: Jul 3, 2012

Modified: Sep 16, 2024

PUBLISHED

Description

The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to determine the existence of arbitrary files via a symlink attack on a temporary lock file, which is handled differently if the file exists.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://cgit.freedesktop.org/xorg/xserver/commit/?id=6ba44b91e37622ef8c146d8f2ac92d708a18ed34

x_refsource_CONFIRM

[xorg] 20111018 X.Org security advisory: xserver locking code issues

mailing-list

x_refsource_MLIST

46460

third-party-advisory

x_refsource_SECUNIA

RHSA-2012:0939

vendor-advisory

x_refsource_REDHAT

49579

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2011-4028

Description

Affected Products

References