Product: Sun Cluster 3.1

A local user who has been granted the "solaris.cluster.gui" authorization may be able to view files which would normally be inaccessible to that user due to a security vulnerability in the Sun Cluster SunPlex Manager GUI.

Avoidance: Upgrade
State: Resolved
First released: 29-Mar-2006

Product: Solaris 10 Operating System

The Xorg X server (see Xorg(1)) is one of the X Window System display servers available on the Solaris x86 platform. A local unprivileged user may be able to create or overwrite any file on the system or execute arbitrary code with elevated privileges due to several security vulnerabilities found in the Xorg X server.

Sun acknowledges, with thanks, the X.Org Foundation for bringing these issues to our attention. Sun also thanks Coverity for donating their 'Coverity Prevent' product to the X.Org Foundation which uncovered these issues.

These issues are referenced in the following document:

CVE-2006-0745 at: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0745

Avoidance: Workaround, Patch
State: Resolved
First released: 20-Mar-2006

Product: Solaris 9 Operating System, Solaris 10 Operating System, Solaris 8 Operating System

A local unprivileged user may be able to cause significant performance degradation, hang the system, or panic the system, resulting in a Denial of Service (DoS) condition. This is due to a security vulnerability involving the pagedata subsystem of the process file system "/proc" (see proc(4)).

Avoidance: Patch
State: Resolved
First released: 03-Mar-2006

Product: Sun N1 Grid Engine 6, Sun Grid Engine 5.3

A security vulnerability in the Sun Grid Engine 5.3/N1 Grid Engine 6.0 rsh(1) binary may allow a local unprivileged user to gain unauthorized root access.

Avoidance: Patch
State: Resolved
First released: 27-Mar-2006

Product: Solaris 9 Operating System, Solaris 8 Operating System

A security vulnerability in the "/usr/ucb/ps" (see ps(1B)) command may allow unprivileged local users to see environment variables and their values for processes which belong to other users.

Avoidance: Patch, Workaround
State: Resolved
First released: 27-Mar-2006

Product: Solaris 9 Operating System, Solaris 8 Operating System

Security vulnerabilities in "Safe.pm" and "CGI.pm" Perl modules may allow the following:

1. The "Safe.pm" Perl module contains a security vulnerability which may allow a local or remote unprivileged user to bypass compartment access controls if a Perl application utilizes the "Safe.pm" Perl module.

2. The "CGI.pm" Perl module contains a cross site scripting security vulnerability. See the following URLs for details about cross site scripting and web script vulnerabilities:

Due to this "CGI.pm" cross site scripting vulnerability, users may unintentionally execute scripts in their browser written by a remote unprivileged user if they follow untrusted links/URIs in web pages, mail messages, or newsgroup postings. By following these untrusted links/URIs, the remote attacker may be able to execute commands with the privileges of the user who accessed the link/URI.

These issues are described here:

Avoidance: Workaround, Patch
State: Resolved
First released: 23-Jan-2004

Product: GNOME 2.0 Desktop, Sun Java Desktop System 2003

Due to multiple security vulnerabilities in the libgdk_pixbuf library, a remote unprivileged user may be able to execute arbitrary code with the privileges of a local user when that local user has loaded an XPixmap (Xpm) format image file supplied by an untrusted user.

The libgdk_pixbuf library is part of the GIMP Toolkit (GTK+) and is used for loading and rendering images.

These issues are described in the following documents:

Avoidance: Patch, Workaround
State: Resolved
First released: 23-Jun-2005