Arbitrary Command Execution in xrdb.c

Arbitrary Command Execution in xrdb.c

CVE-2011-0465 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message.

Learn more about our Web Application Penetration Testing UK.