VDB-13714 · CVE-1999-0241 · BID 80913

Sun Solaris 2.5.1/2.6/7.0 X Window improper authentication

A vulnerability was found in Sun Solaris 2.5.1/2.6/7.0 (Operating System). It has been declared as very critical. This vulnerability affects an unknown functionality of the component X Window. Upgrading eliminates this vulnerability.

Field	06/17/2014 04:42 PM	07/22/2018 10:08 AM
type	Operating System	Operating System
vendor	Sun	Sun
name	Solaris	Solaris
version	2.5.1/2.6/7.0	2.5.1/2.6/7.0
component	X Window	X Window
affectedlist	SGI IRIX Sun Solaris 2.5/2.5.1/2.6/7.0	SGI IRIX Sun Solaris 2.5/2.5.1/2.6/7.0
risk	2	2
historic	0	0
cvss2_vuldb_basescore	10.0	10.0
cvss2_vuldb_tempscore	8.7	8.7
cvss2_vuldb_av	N	N
cvss2_vuldb_ac	L	L
cvss2_vuldb_au	N	N
cvss2_vuldb_ci	C	C
cvss2_vuldb_ii	C	C
cvss2_vuldb_ai	C	C
cvss3_meta_basescore	9.8	9.8
cvss3_meta_tempscore	9.4	9.4
cvss3_vuldb_basescore	9.8	9.8
cvss3_vuldb_tempscore	9.4	9.4
date	815184000 (11/01/1995)	815184000 (11/01/1995)
availability	1	1
price_0day	$5k-$25k	$5k-$25k
price_trend	-	-
name	Upgrade	Upgrade
cve	CVE-1999-0241	CVE-1999-0241
cve_nvd_published	815184000	815184000
cve_nvd_summary	guessable magic cookies in x windows allows remote attackers to execute commands e.g. through xterm.	guessable magic cookies in x windows allows remote attackers to execute commands e.g. through xterm.
securityfocus	80913	80913
securityfocus_title	X11r6 CVE-1999-0241 Remote Security Vulnerability	X11r6 CVE-1999-0241 Remote Security Vulnerability
vulnerabilitycenter	56172	56172
vulnerabilitycenter_title	X Windows Remote Code Execution Vulnerability due to Guessable Magic Cookies	X Windows Remote Code Execution Vulnerability due to Guessable Magic Cookies
vulnerabilitycenter_severity	Critical	Critical
vulnerabilitycenter_creationdate	1453766400	1453766400
vulnerabilitycenter_reportingdate	815184000	815184000
xforce	334	334
seealso	13713	13713
cwe	287 (weak authentication)	287 (weak authentication)
cvss2_vuldb_e	H	H
cvss2_vuldb_rl	OF	OF
cvss2_vuldb_rc	ND	ND
cvss3_vuldb_e	H	H
cvss3_vuldb_rl	O	O
cvss3_vuldb_rc	X	X
cvss3_vuldb_av	N	N
cvss3_vuldb_ac	L	L
cvss3_vuldb_pr	N	N
cvss3_vuldb_ui	N	N
cvss3_vuldb_s	U	U
cvss3_vuldb_c	H	H
cvss3_vuldb_i	H	H
cvss3_vuldb_a	H	H
cvss2_nvd_av		N
cvss2_nvd_ac		L
cvss2_nvd_au		N
cvss2_nvd_ci		C
cvss2_nvd_ii		C
cvss2_nvd_ai		C
securityfocus_date		815184000 (11/01/1995)
securityfocus_class		Design Error

◂ Previous Overview Next ▸

Interested in the pricing of exploits?

See the underground prices here!