Title: Sun XView Library Buffer Overflow Vulnerability
Severity: HIGH
Description:
XView is a a component of X. It is available for various Unix and Linux operating systems.
A problem in XView packaged with Sun Solaris could make it possible for users to gain elevated privileges.
A buffer overflow exists in the XView library. This library could make it possible for a local user to execute arbitrary code via linked executables. Exploitation of this vulnerability may lead to elevated local privileges.
The problem is in the libxview.so library. A boundary condition error in this library could make the exploitation of privileged executables possible. In the event that an executable is linked against this library, and is either setuid or setgid, a local attacker could exploit this issue to execute arbitrary code with elevated privileges.
This vulnerability likely affects other operating systems with the xview library installed.
Affected Products:
- Sun Solaris 2.4.0
- Sun Solaris 2.5.0
- Sun Solaris 2.5.1
- Sun Solaris 2.5.1_x86
- Sun Solaris 2.6
- Sun Solaris 2.6_x86
- Sun Solaris 7.0
- Sun Solaris 7.0_x86
- Sun Solaris 8
- Sun Solaris 8_x86
References:
- Sun Microsystems: 27513
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
