Solaris systems running the Xsun(1) Solaris X11 server are vulnerable to unprivileged local users that may be able to overwrite or create arbitrary files on the system or crash the Xsun(1) server due to vulnerabilities in the Xsun(1) server and Direct Graphics Access (DGA) mode. Successful exploitation may lead to root privileges on the system.

Sun Microsystems has made the following patches available based on platform and version:

SPARC Platform

Solaris 2.6 with patch 105633-64 or later
Solaris 7 with patch 108376-44 or later
Solaris 8 with patch 108652-72 or later
Solaris 9 with patch 112785-25 or later

x86 Platform

Solaris 2.6 with patch 106248-49 or later
Solaris 7 with patch 108377-39 or later
Solaris 8 with patch 108653-61 or later
Solaris 9 with patch 112786-15 or later

• Secunia Advisory ID: 10346
• ISS X-Force ID: 13890
• CVE ID: 2003-1058 (see also: NVD)
• SCIP VulDB ID: 425
• Vendor Specific Advisory URL: http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57419

Unknown or Incomplete