CVE-2023-24039
Solaris 10 dtprintinfo / libXm / libXpm Security Issues
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
A stack-based buffer overflow in ParseColors in libXm in Common Desktop Environment 1.6 can be exploited by local low-privileged users via the dtprintinfo setuid binary to escalate their privileges to root on Solaris 10 systems. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Los usuarios locales con pocos privilegios pueden aprovechar un desbordamiento de búfer en la región stack de la memoria en ParseColors en libXm en Common Desktop Environment 1.6 a través del binario dtprintinfo setuid para escalar sus privilegios a root en sistemas Solaris 10. NOTA: Esta vulnerabilidad solo afecta a productos que ya no son compatibles con el fabricante.
Multiple vulnerabilities have been discovered across Common Desktop Environment version 1.6, Motif version 2.1, and X.Org libXpm versions prior to 3.5.15 on Oracle Solaris 10 that can be chained together to achieve root.
CVSS Scores
SSVC
- Decision:Attend
Timeline
- 2023-01-20 CVE Published
- 2023-01-20 First Exploit
- 2023-01-21 CVE Reserved
- 2025-04-02 CVE Updated
- 2025-04-15 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-787: Out-of-bounds Write
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://seclists.org/fulldisclosure/2023/Jan/24 | Mailing List |
|
| https://github.com/0xdea/exploits/blob/master/solaris/raptor_dtprintlibXmas.c | Third Party Advisory | |
| https://github.com/hnsecurity/vulns/blob/main/HNS-2022-01-dtprintinfo.txt | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| https://packetstorm.news/files/id/170620 | 2023-01-20 | |
| https://security.humanativaspa.it/nothing-new-under-the-sun | 2025-04-02 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Opengroup Search vendor "Opengroup" | Common Desktop Environment Search vendor "Opengroup" for product "Common Desktop Environment" | 1.6 Search vendor "Opengroup" for product "Common Desktop Environment" and version "1.6" | - |
Affected
| ||||||