CVE-2011-4029

X.Org xserver <1.11.2 - Info Disclosure

Title source: llm

Description

The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to change the permissions of arbitrary files to 444, read those files, and possibly cause a denial of service (removed execution permission) via a symlink attack on a temporary lock file.

Exploits (1)

exploitdb WORKING POC

clocallinux

https://www.exploit-db.com/exploits/18040

View Code ZIP pw:eip

References (5)

[Patch] http://cgit.freedesktop.org/xorg/xserver/commit/?id=b67581cf825940fdf52bf2e0af4330e695d724a4

[Various Sources] http://lists.freedesktop.org/archives/xorg/2011-October/053680.html

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2012-0939.html

[Vendor Advisory] http://secunia.com/advisories/46460

[Vendor Advisory] http://secunia.com/advisories/49579

Scores

EPSS 0.0077

EPSS Percentile 73.5%

Details

CWE

CWE-362

Status published

Products (2)

x.org/x_server 1.11.0

x.org/x_server < 1.11.1

Published Jul 03, 2012

Tracked Since Feb 18, 2026