CVE-1999-1137

Published: Oct 1, 1993Modified: Apr 16, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

The permissions for the /dev/audio device on Solaris 2.2 and earlier, and SunOS 4.1.x, allow any local user to read from the device, which could be used by an attacker to monitor conversations happening near a machine that has a microphone.

Affected (5)

Products: Sun: Solaris, Sunos

Sun

2 products

Solaris

Sunos

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Sun Solaris	All versions
Sun Sunos	All versions
Sun Sunos	Up to 5.2
Sun Sunos	Version 4.1
Sun Sunos	Version 5.0

References (8)

http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/122&type=0&nav=sec.sba

Source: cve@mitre.org

PatchVendor Advisory

http://www.ciac.org/ciac/bulletins/e-01.shtml

Source: cve@mitre.org

PatchVendor Advisory

http://www.osvdb.org/6436

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/549

Source: cve@mitre.org

http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/122&type=0&nav=sec.sba

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.ciac.org/ciac/bulletins/e-01.shtml

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.osvdb.org/6436

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/549

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.