Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2006-5397
Modified
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-03 Nov, 2006 | 00:07
Updated At-07 Nov, 2023 | 01:59

The Xinput module (modules/im/ximcp/imLcIm.c) in X.Org libX11 1.0.2 and 1.0.3 opens a file for reading twice using the same file descriptor, which causes a file descriptor leak that allows local users to read files specified by the XCOMPOSEFILE environment variable via the duplicate file descriptor.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.02.1LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
Type: Primary
Version: 2.0
Base score: 2.1
Base severity: LOW
Vector:
AV:L/AC:L/Au:N/C:P/I:N/A:N
CPE Matches
X.Org Foundation
x.org
>>libx11>>1.0.2
cpe:2.3:a:x.org:libx11:1.0.2:*:*:*:*:*:*:*
X.Org Foundation
x.org
>>libx11>>1.0.3
cpe:2.3:a:x.org:libx11:1.0.3:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
Organization : Red Hat
Last Modified : 2007-03-14T00:00:00

Not vulnerable. These issues did not affect the versions of libX11 as shipped with Red Hat Enterprise Linux 2.1, 3, or 4. Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

References
HyperlinkSourceResource
http://gitweb.freedesktop.org/?p=xorg/lib/libX11.git%3Ba=commit%3Bh=686bb8b35acf6cecae80fe89b2b5853f5816ce19cve@mitre.org
N/A
http://secunia.com/advisories/22642cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/22749cve@mitre.org
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2006:199cve@mitre.org
N/A
http://www.securityfocus.com/bid/20845cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2006/4289cve@mitre.org
N/A
https://bugs.freedesktop.org/show_bug.cgi?id=8699cve@mitre.org
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/29956cve@mitre.org
N/A
Hyperlink: http://gitweb.freedesktop.org/?p=xorg/lib/libX11.git%3Ba=commit%3Bh=686bb8b35acf6cecae80fe89b2b5853f5816ce19
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/22642
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/22749
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:199
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/20845
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/4289
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://bugs.freedesktop.org/show_bug.cgi?id=8699
Source: cve@mitre.org
Resource:
Patch
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/29956
Source: cve@mitre.org
Resource: N/A
Change History
0Changes found
Details not found