It is easy to dismiss these vulnerabilities from a perspective of a common desktop user. "I already have privileges on this box" or "any desktop user already has a way to escalate privileges."
But X11 is also used in process control settings where crappy ancient programs run on decrepit old machines with modern X.org servers used for displays. Would we be so dismissive if someone revealed a host of major vulnerabilities in VNC or RDP clients? (Probably. :))
But X11 is also used in process control settings where crappy ancient programs run on decrepit old machines with modern X.org servers used for displays. Would we be so dismissive if someone revealed a host of major vulnerabilities in VNC or RDP clients? (Probably. :))