VYPR
Unrated severityNVD Advisory· Published Aug 30, 2006· Updated Jun 16, 2026

CVE-2006-4447

CVE-2006-4447

Description

X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

16
  • cpe:2.3:a:x.org:emu-linux-x87-xlibs:7.0_r1:*:*:*:*:*:*:*
  • Xorg/X11r64 versions
    cpe:2.3:a:x.org:x11r6:6.7.0:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:x.org:x11r6:6.7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:x.org:x11r6:6.8:*:*:*:*:*:*:*
    • cpe:2.3:a:x.org:x11r6:6.8.1:*:*:*:*:*:*:*
    • cpe:2.3:a:x.org:x11r6:6.8.2:*:*:*:*:*:*:*
  • Xorg/X11r73 versions
    cpe:2.3:a:x.org:x11r7:1.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:x.org:x11r7:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:x.org:x11r7:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:x.org:x11r7:1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:x.org:xdm:1.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:x.org:xf86dga:1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:x.org:xinit:1.0.2_r5:*:*:*:*:*:*:*
  • cpe:2.3:a:x.org:xload:1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:x.org:xorg-server:1.02_r5:*:*:*:*:*:*:*
  • cpe:2.3:a:x.org:xterm:214:*:*:*:*:*:*:*
  • Xorg/X.orgllm-create
  • Xfree86/Xfree86llm-fuzzy

Patches

Vulnerability mechanics

References

17

News mentions

0

No linked articles in our index yet.