CVE-2006-5397 - The Xinput module (modules/im/ximcp/imLcIm.c) in X.Org libX11 1.0.2 and 1.0.3 opens a file for readi

CVE-2006-5397

Summary

The Xinput module (modules/im/ximcp/imLcIm.c) in X.Org libX11 1.0.2 and 1.0.3 opens a file for reading twice using the same file descriptor, which causes a file descriptor leak that allows local users to read files specified by the XCOMPOSEFILE environment variable via the duplicate file descriptor.

References

Vulnerable Configurations

cpe:2.3:a:x.org:libx11:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:x.org:libx11:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:x.org:libx11:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:x.org:libx11:1.0.3:*:*:*:*:*:*:*

CVSS

Base:	2.1 (as of 20-07-2017 - 01:33)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:N/A:N

refmap via4

bid	20845
confirm	http://gitweb.freedesktop.org/?p=xorg/lib/libX11.git;a=commit;h=686bb8b35acf6cecae80fe89b2b5853f5816ce19 https://bugs.freedesktop.org/show_bug.cgi?id=8699
mandriva	MDKSA-2006:199
secunia	22642 22749
vupen	ADV-2006-4289
xf	libx11-xinput-information-disclosure(29956)

statements via4

contributor	Mark J Cox
lastmodified	2007-03-14
organization	Red Hat
statement	Not vulnerable. These issues did not affect the versions of libX11 as shipped with Red Hat Enterprise Linux 2.1, 3, or 4. Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

Last major update

20-07-2017 - 01:33

Published

03-11-2006 - 00:07

Last modified

20-07-2017 - 01:33