Vulnerability in Xfree86_project X11r6

CVE-2002-1472

Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified LD_PRELOAD environment variable that points to a malicious module.

EPSS: 0.004 (28.6th percentile) — read the EPSS interpretation.

Affected products

Xfree86_project X11r6 — versions 4.1.0, 4.2.0
N/a — versions n/a

References

cve@mitre.org (x_refsource_REDHAT, vendor-advisory)
cve@mitre.org (x_refsource_REDHAT, vendor-advisory)
cve@mitre.org (Patch, vdb-entry, Vendor Advisory, x_refsource_XF)
cve@mitre.org (vendor-advisory, Patch, x_refsource_SUSE, Vendor Advisory)
cve@mitre.org (Patch, vdb-entry, x_refsource_BID, Vendor Advisory)
cve@mitre.org (vendor-advisory, x_refsource_CONECTIVA)
cve@mitre.org (x_refsource_OSVDB, vdb-entry)