CVE-2016-3100 in KDE Frameworksالمعلومات

الملخص

بحسب MITRE

kinit in KDE Frameworks before 5.23.0 uses weak permissions (644) for /tmp/xauth-xxx-_y, which allows local users to obtain X11 cookies of other users and consequently capture keystrokes and possibly gain privileges by reading the file.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

حجز

10/03/2016

إفشاء

13/07/2016

الاعتدال

تمت الموافقة

إدخال

VDB-89213

EPSS

0.00048

KEV

لا

النشاطات

منخفض جدًا

المصادر

MITREhttps://www.cve.org/CVERecord?id=CVE-2016-3100
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2016-3100
CVE Detailshttps://www.cvedetails.com/cve/CVE-2016-3100/

التالي نظرة عامة السابق

Do you want to use VulDB in your project?

Use the official API to access entries easily!