Sun Solaris 2.5.1/2.6/7.0 X Window improper authentication

entryeditHistoryDiffjsonxmlCTI

A vulnerability was found in Sun Solaris 2.5.1/2.6/7.0 (Operating System). It has been declared as very critical. This vulnerability affects an unknown functionality of the component X Window. Upgrading eliminates this vulnerability.

Field06/17/2014 04:42 PM07/22/2018 10:08 AM
typeOperating SystemOperating System
vendorSunSun
nameSolarisSolaris
version2.5.1/2.6/7.02.5.1/2.6/7.0
componentX WindowX Window
affectedlistSGI IRIX Sun Solaris 2.5/2.5.1/2.6/7.0SGI IRIX Sun Solaris 2.5/2.5.1/2.6/7.0
risk22
historic00
cvss2_vuldb_basescore10.010.0
cvss2_vuldb_tempscore8.78.7
cvss2_vuldb_avNN
cvss2_vuldb_acLL
cvss2_vuldb_auNN
cvss2_vuldb_ciCC
cvss2_vuldb_iiCC
cvss2_vuldb_aiCC
cvss3_meta_basescore9.89.8
cvss3_meta_tempscore9.49.4
cvss3_vuldb_basescore9.89.8
cvss3_vuldb_tempscore9.49.4
date815184000 (11/01/1995)815184000 (11/01/1995)
availability11
price_0day$5k-$25k$5k-$25k
price_trend--
nameUpgradeUpgrade
cveCVE-1999-0241CVE-1999-0241
cve_nvd_published815184000815184000
cve_nvd_summaryguessable magic cookies in x windows allows remote attackers to execute commands e.g. through xterm.guessable magic cookies in x windows allows remote attackers to execute commands e.g. through xterm.
securityfocus8091380913
securityfocus_titleX11r6 CVE-1999-0241 Remote Security VulnerabilityX11r6 CVE-1999-0241 Remote Security Vulnerability
vulnerabilitycenter5617256172
vulnerabilitycenter_titleX Windows Remote Code Execution Vulnerability due to Guessable Magic CookiesX Windows Remote Code Execution Vulnerability due to Guessable Magic Cookies
vulnerabilitycenter_severityCriticalCritical
vulnerabilitycenter_creationdate14537664001453766400
vulnerabilitycenter_reportingdate815184000815184000
xforce334334
seealso1371313713
cwe287 (weak authentication)287 (weak authentication)
cvss2_vuldb_eHH
cvss2_vuldb_rlOFOF
cvss2_vuldb_rcNDND
cvss3_vuldb_eHH
cvss3_vuldb_rlOO
cvss3_vuldb_rcXX
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_prNN
cvss3_vuldb_uiNN
cvss3_vuldb_sUU
cvss3_vuldb_cHH
cvss3_vuldb_iHH
cvss3_vuldb_aHH
cvss2_nvd_avN
cvss2_nvd_acL
cvss2_nvd_auN
cvss2_nvd_ciC
cvss2_nvd_iiC
cvss2_nvd_aiC
securityfocus_date815184000 (11/01/1995)
securityfocus_classDesign Error

Interested in the pricing of exploits?

See the underground prices here!