Note: This is an archival copy of Security Sun Alert 264048 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1020746.1.
Date of Preliminary Release
Date of Workaround Release
A security vulnerability in the Solaris XScreenSaver (see xscreensaver(1)) program may allow local unprivileged users to read sensitive information.
2. Contributing FactorsThis issue can occur in the following releases:
Note: OpenSolaris distributions may include additional bug fixes above and beyond the build from which it was derived.
The base build can be derived as follows:
$ uname -v
Note: Systems are only impacted by this issue if they have the package SUNWxwsvr installed.
To determine if this package is installed, the following command can
$ pkginfo SUNWxwsvr
There are no predictable symptoms that would indicate the described vulnerability has been exploited to reveal sensitive information.