CVE-2014-4910

CVE-2014-4910

EPSS 1.0%

Directory traversal vulnerability in tools/backlight_helper.c in X.Org xf86-video-intel 2.99.911 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the interface name.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://lists.x.org/archives/xorg-commit/2014-July/036840.html http://osvdb.org/show/osvdb/108851 http://seclists.org/oss-sec/2014/q3/138 http://seclists.org/oss-sec/2014/q3/39 https://exchange.xforce.ibmcloud.com/vulnerabilities/94746