CVE-2002-1472
Published 2003-03-03
CVE-2002-1472: Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified…
Priority P421 · high · 7.2 · CVSS 2.0
AV:L/AC:L/Au:N/C:C/I:C/A:C
EPSS 0.37% (28.8th percentile)
Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified LD_PRELOAD environment variable that points to a malicious module.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| xfree86_project | x11r6 | — | — |
| xfree86_project | x11r6 | — | — |
CVSS provenance
nvd · v2.0 · 7.2 HIGH · AV:L/AC:L/Au:N/C:C/I:C/A:C
vendor_redhat · 7.2 HIGH
GHSA
GHSA-ch45-xvph-66gf: Untrusted search path vulnerability in libX11
ghsa_unreviewed·2022-04-30
CVE-2002-1472 [HIGH] GHSA-ch45-xvph-66gf: Untrusted search path vulnerability in libX11
Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified LD_PRELOAD environment variable that points to a malicious module.
Red Hat
security flaw
vendor_redhat·2002-09-18·CVSS 7.2
CVE-2002-1472 [HIGH] security flaw
Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified LD_PRELOAD environment variable that points to a malicious module.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2002-1472 security flaw
bugzilla·2018-08-16·CVSS 7.2
CVE-2002-1472 [HIGH] CVE-2002-1472 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified LD_PRELOAD environment variable that points to a malicious module.
Crowdstrike
Identify CVE-2020-1472 Vulnerabilities with Zerologon Dashboard
blogs_crowdstrike·CVSS 5.5
CVE-2026-20929 [MEDIUM] Identify CVE-2020-1472 Vulnerabilities with Zerologon Dashboard
References
http://archives.neohapsis.com/archives/linux/suse/2002-q3/1116.html
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000529
http://www.iss.net/security_center/static/10137.php
http://www.osvdb.org/11922
http://www.redhat.com/support/errata/RHSA-2003-066.html
http://www.redhat.com/support/errata/RHSA-2003-067.html
http://www.securityfocus.com/bid/5735
Published 2003-03-03