Unrated severityNVD Advisory· Published Jul 15, 1998· Updated Apr 16, 2026

CVE-1999-1297

Description

cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and earlier allows attackers with physical access to the system to display unechoed characters (such as those from password prompts) via the L2/AGAIN key.

Affected products

Sun Corporation/Sunos6 versions
cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*
- cpe:2.3:o:sun:sunos:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:sun:sunos:4.1.1:*:*:*:*:*:*:*
- cpe:2.3:o:sun:sunos:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:sun:sunos:4.1.3:*:*:*:*:*:*:*
- cpe:2.3:o:sun:sunos:4.1.4:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

sunsolve.sun.com/pub-cgi/retrieve.plnvdPatch
exchange.xforce.ibmcloud.com/vulnerabilities/7482nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000