VDB
CVE-2011-4613
CVE-2011-4613
PUBLISHED
CVSS 4.599999904632568 MEDIUM
The X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restrictions by associating stdin with a file that is misinterpreted as the console TTY.
EPSS 0.08% · 24.4th percentile
Risk Scores
CVSS v2.0
4.599999904632568
EPSS Score
0.08%
24.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ubuntu | linux | |
| canonical | ubuntu_linux | 10.04, 10.10, 11.04 |
| x.org | x_server | |
| n/a | n/a | n/a |
| debian | debian_linux |
Timeline
- Feb 5, 2014 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 17, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 1, 2023 EPSS Score
- May 24, 2023 EPSS Score
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652249 url
- USN-1349-1 vendor-advisory
- DSA-2364 vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2011-4613 advisory