CVE-2011-4028
Published: 18 October 2011
The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to determine the existence of arbitrary files via a symlink attack on a temporary lock file, which is handled differently if the file exists.
Priority
Status
Package | Release | Status |
---|---|---|
xorg-server Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Released
(2:1.7.6-2ubuntu7.8)
|
|
upstream |
Needs triage
|
|
maverick |
Released
(2:1.9.0-0ubuntu7.5)
|
|
natty |
Released
(2:1.10.1-1ubuntu1.3)
|
|
oneiric |
Released
(2:1.10.4-1ubuntu4.1)
|