CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:H/Au:N/C:P/I:N/A:N
EPSS
Percentile
28.8%
Race condition in the Xsession script, as used by X Display Manager (xdm)
in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10
before 20061006, causes a user’s Xsession errors file to have weak
permissions before a chmod is performed, which allows local users to read
Xsession errors files of other users.