CVE - CVE-2007-5958

CVE-ID
CVE-2007-5958	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
X.Org Xserver before 1.4.1 allows local users to determine the existence of arbitrary files via a filename argument in the -sp option to the X program, which produces different error messages depending on whether the filename exists.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BUGTRAQ:20080130 rPSA-2008-0032-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs URL:http://www.securityfocus.com/archive/1/487335/100/0/threaded EXPLOIT-DB:5152 URL:https://www.exploit-db.com/exploits/5152 MLIST:[xorg] 20080117 X.Org security advisory: multiple vulnerabilities in the X server URL:http://lists.freedesktop.org/archives/xorg/2008-January/031918.html CONFIRM:http://bugs.gentoo.org/show_bug.cgi?id=204362 CONFIRM:https://issues.rpath.com/browse/RPL-1970 CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2008-084.htm CONFIRM:http://docs.info.apple.com/article.html?artnum=307562 APPLE:APPLE-SA-2008-03-18 URL:http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html DEBIAN:DSA-1466 URL:http://www.debian.org/security/2008/dsa-1466 FEDORA:FEDORA-2008-0760 URL:https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00641.html FEDORA:FEDORA-2008-0831 URL:https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00704.html GENTOO:GLSA-200801-09 URL:http://security.gentoo.org/glsa/glsa-200801-09.xml GENTOO:GLSA-200804-05 URL:http://security.gentoo.org/glsa/glsa-200804-05.xml GENTOO:GLSA-200805-07 URL:http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml HP:HPSBUX02381 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321 HP:SSRT080083 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321 MANDRIVA:MDVSA-2008:021 URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:021 MANDRIVA:MDVSA-2008:022 URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:022 MANDRIVA:MDVSA-2008:023 URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:023 MANDRIVA:MDVSA-2008:025 URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:025 OPENBSD:[4.1] 20080208 012: SECURITY FIX: February 8, 2008 URL:http://www.openbsd.org/errata41.html#012_xorg OPENBSD:[4.2] 20080208 006: SECURITY FIX: February 8, 2008 URL:http://www.openbsd.org/errata42.html#006_xorg REDHAT:RHSA-2008:0029 URL:http://www.redhat.com/support/errata/RHSA-2008-0029.html REDHAT:RHSA-2008:0030 URL:http://www.redhat.com/support/errata/RHSA-2008-0030.html REDHAT:RHSA-2008:0031 URL:http://www.redhat.com/support/errata/RHSA-2008-0031.html SUNALERT:103205 URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-103205-1 SUNALERT:230901 URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-230901-1 SUSE:SUSE-SA:2008:003 URL:http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00004.html SUSE:SUSE-SR:2008:008 URL:http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html UBUNTU:USN-571-1 URL:https://usn.ubuntu.com/571-1/ BID:27336 URL:http://www.securityfocus.com/bid/27336 BID:27356 URL:http://www.securityfocus.com/bid/27356 OVAL:oval:org.mitre.oval:def:10991 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10991 SECUNIA:32545 URL:http://secunia.com/advisories/32545 VUPEN:ADV-2008-0179 URL:http://www.vupen.com/english/advisories/2008/0179 VUPEN:ADV-2008-0184 URL:http://www.vupen.com/english/advisories/2008/0184 VUPEN:ADV-2008-0497 URL:http://www.vupen.com/english/advisories/2008/0497/references VUPEN:ADV-2008-0924 URL:http://www.vupen.com/english/advisories/2008/0924/references OVAL:oval:org.mitre.oval:def:5393 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5393 SECTRACK:1019232 URL:http://securitytracker.com/id?1019232 SECUNIA:28532 URL:http://secunia.com/advisories/28532 SECUNIA:28535 URL:http://secunia.com/advisories/28535 SECUNIA:28536 URL:http://secunia.com/advisories/28536 SECUNIA:28539 URL:http://secunia.com/advisories/28539 SECUNIA:28540 URL:http://secunia.com/advisories/28540 SECUNIA:28542 URL:http://secunia.com/advisories/28542 SECUNIA:28543 URL:http://secunia.com/advisories/28543 SECUNIA:28550 URL:http://secunia.com/advisories/28550 SECUNIA:28273 URL:http://secunia.com/advisories/28273 SECUNIA:28592 URL:http://secunia.com/advisories/28592 SECUNIA:28616 URL:http://secunia.com/advisories/28616 SECUNIA:28584 URL:http://secunia.com/advisories/28584 SECUNIA:28718 URL:http://secunia.com/advisories/28718 SECUNIA:28843 URL:http://secunia.com/advisories/28843 SECUNIA:28885 URL:http://secunia.com/advisories/28885 SECUNIA:28997 URL:http://secunia.com/advisories/28997 SECUNIA:29420 URL:http://secunia.com/advisories/29420 SECUNIA:29622 URL:http://secunia.com/advisories/29622 SECUNIA:29707 URL:http://secunia.com/advisories/29707 SECUNIA:30161 URL:http://secunia.com/advisories/30161 VUPEN:ADV-2008-3000 URL:http://www.vupen.com/english/advisories/2008/3000 XF:xorg-xsp-information-disclosure(39769) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/39769
Assigning CNA
N/A
Date Entry Created
20071114	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20071114)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org