CVE-2009-1756

CVE-2009-1756 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

SLiM Simple Login Manager 1.3.0 places the X authority magic cookie (mcookie) on the command line when invoking xauth from (1) app.cpp and (2) switchuser.cpp, which allows local users to access the X session by listing the process and its arguments.

Learn more about our User Device Pen Test.