← Back

Xfce

xfce

Vendor: Xfree86 Project • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2000-1060
1Xfree86 Project
1Xfce
Apr 16, 2026
Dec 11, 2000
N/A· v4
N/A· v3
4.6 MEDIUM· v2
The default configuration of XFCE 3.5.1 bypasses the Xauthority access control mechanism with an "xhost + localhost" command in the xinitrc program, which allows local users to sniff X Windows traffic and gain privileges...Show more
The default configuration of XFCE 3.5.1 bypasses the Xauthority access control mechanism with an "xhost + localhost" command in the xinitrc program, which allows local users to sniff X Windows traffic and gain privileges.Show less