CVE-1999-1133
Description
HP-UX 9.x and 10.x local privilege escalation via X Windows applications vuefile, vuepad, dtfile, dtpad due to missing user authentication.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
HP-UX 9.x and 10.x local privilege escalation via X Windows applications vuefile, vuepad, dtfile, dtpad due to missing user authentication.
Vulnerability
The vulnerability exists in HP-UX versions 9.x and 10.x running X Windows. The applications vuefile, vuepad, dtfile, and dtpad do not authenticate users, allowing local attackers to gain elevated privileges [1].
Exploitation
A local attacker can exploit this by simply launching any of the affected applications. Since the applications lack user authentication, they may run with elevated privileges, enabling the attacker to gain unauthorized access or perform privileged operations [1].
Impact
Successful exploitation allows a local attacker to gain elevated privileges, potentially leading to full control of the system. This impacts confidentiality, integrity, and availability [1].
Mitigation
HP released security advisory HPSBUX9709-069 addressing this issue. Users should apply the patch provided in that advisory. Details are available in the referenced digest [1].
AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
3cpe:2.3:o:hp:hp-ux:10:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:hp:hp-ux:10:*:*:*:*:*:*:*
- cpe:2.3:o:hp:hp-ux:9:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2News mentions
0No linked articles in our index yet.