Vulnerability Description
gr_osview in SGI IRIX 6.5.22, and possibly other 6.5 versions, does not drop privileges when opening description files while in debug mode, which allows local users to read a line from arbitrary files via the -d and -D options, which prints the line as a formatting error.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sgi | Irix | 6.5.22 |
References
- ftp://patches.sgi.com/support/free/security/advisories/20050402-01-PPatch
- http://secunia.com/advisories/14875
- http://securitytracker.com/id?1013662
- http://www.idefense.com/application/poi/display?id=226&type=vulnerabilitiesPatchVendor Advisory
- http://www.osvdb.org/15351
- ftp://patches.sgi.com/support/free/security/advisories/20050402-01-PPatch
- http://secunia.com/advisories/14875
- http://securitytracker.com/id?1013662
- http://www.idefense.com/application/poi/display?id=226&type=vulnerabilitiesPatchVendor Advisory
- http://www.osvdb.org/15351
FAQ
What is CVE-2005-0464?
CVE-2005-0464 is a vulnerability with a CVSS score of 2.1 (LOW). gr_osview in SGI IRIX 6.5.22, and possibly other 6.5 versions, does not drop privileges when opening description files while in debug mode, which allows local users to read a line from arbitrary files...
How severe is CVE-2005-0464?
CVE-2005-0464 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-0464?
Check the references section above for vendor advisories and patch information. Affected products include: Sgi Irix.