CVE-2007-5958
published 2008-01-18CVE-2007-5958: X.Org Xserver before 1.4.1 allows local users to determine the existence of arbitrary files via a filename argument in the -sp option to the X program, which…
medium5CVSS 3.1
AVNACLAuNCPINAN
EXPLOIT
X.Org Xserver before 1.4.1 allows local users to determine the existence of arbitrary files via a filename argument in the -sp option to the X program, which produces different error messages depending on whether the filename exists.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | xorg-server | < xorg-server 2:1.4.1~git20080105-2 (bookworm) | xorg-server 2:1.4.1~git20080105-2 (bookworm) |
| x.org | xorg-server | >= 0 < 2:1.4.1~git20080105-2 | 2:1.4.1~git20080105-2 |
| x.org | xorg-server | >= 0 < 2:1.4.1~git20080105-2 | 2:1.4.1~git20080105-2 |
| x.org | xorg-server | >= 0 < 2:1.4.1~git20080105-2 | 2:1.4.1~git20080105-2 |
| x.org | xorg-server | >= 0 < 2:1.4.1~git20080105-2 | 2:1.4.1~git20080105-2 |
| x.org | xserver | <= 1.4 | — |
CVSS provenance
nvd5.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
osv5.0MEDIUM