|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] FINAL DECISION: ACCEPT 1 candidate from VEN-others cluster
I have made a Final Decision to ACCEPT the following candidates. These candidates are now assigned CVE names as noted below. Voting details and comments are provided afterwards. The CVE names for candidates that reach Final Decision should be regarded as stable. In the case of these and all other candidates that reach Final Decision during this validation period, accepted candidates won't reach Publication phase until the CVE goes fully public. The only difference between Publication and Final Decision is that the CVE name is officially "announced" by MITRE during Publication. - Steve Candidate CVE Name --------- ---------- CAN-1999-0433 CVE-1999-0433 ================================= Candidate: CAN-1999-0433 Published: Final-Decision: 19990718 Interim-Decision: 19990712 Modified: 19990712-01 Announced: 19990617 Assigned: 19990607 Category: SF Reference: SUSE:Mar28,1999 Reference: BUGTRAQ:Mar21,1999 Reference: XF:xfree86-temp-directories XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service. Modifications: ADDREF XF:xfree86-temp-directories VOTES: ACCEPT(4) Shostack, Northcutt, Prosser, Hill MODIFY(1) Frech COMMENTS: Frech> Reference: XF:xfree86-temp-directories
|
||||
