Using Coverity Prevent, developers tracked down a critical security vulnerability in the X Window System, a graphical interface used in millions of computers, including most UNIX and Linux systems. The X Window System also ships as an optional GUI with Macintosh computers from Apple.
The vulnerability was found in versions X11R6.9.0 and X11R7.0.0 during a security analysis of 31 major open source projects that Coverity undertook as part of a DHS initiative. This pair of X Window System versions marked a major milestone when released in December of 2005, as they were the first major updates to the X Window System in more than a decade. After the X.Org development team received the results of the analysis, the vulnerability was fixed within a week. The security hole resulted from a missing parenthesis on a small piece of the program that checked the ID of the user. This flaw, caused by something as seemingly harmless as a missing closing parenthesis, allowed local users to execute code with root privileges, giving them the ability to overwrite system files or initiate denial of service attacks.
Related story:
Open Source Quality Check Completed By Government Funded Research
