CVE-2014-8651

Опубликовано: 06 дек. 2014

Источник: debian

Описание

The KDE Clock KCM policykit helper in kde-workspace before 4.11.14 and plasma-desktop before 5.1.1 allows local users to gain privileges via a crafted ntpUtility (ntp utility name) argument.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
kde-workspace	fixed	4:4.11.13-2		package

Примечания

https://projects.kde.org/projects/kde/kde-workspace/repository/diff?rev=54d0bfb5effff9c8cf60da890b7728cbe36a454e&rev_to=fd2aa9deed44fad6107625ad7360157fea7296f6
On Debian changing the clock requires authentication, so it's not exploitable
in the standard setup

Связанные уязвимости

CVE-2014-8651

ubuntu

около 11 лет назад

The KDE Clock KCM policykit helper in kde-workspace before 4.11.14 and plasma-desktop before 5.1.1 allows local users to gain privileges via a crafted ntpUtility (ntp utility name) argument.

CVE-2014-8651

redhat

больше 11 лет назад

The KDE Clock KCM policykit helper in kde-workspace before 4.11.14 and plasma-desktop before 5.1.1 allows local users to gain privileges via a crafted ntpUtility (ntp utility name) argument.

CVE-2014-8651

nvd

около 11 лет назад

The KDE Clock KCM policykit helper in kde-workspace before 4.11.14 and plasma-desktop before 5.1.1 allows local users to gain privileges via a crafted ntpUtility (ntp utility name) argument.

SUSE-SU-2016:0303-1

suse-cvrf

около 10 лет назад

Security update for kdebase4-workspace

GHSA-qpg7-58m4-m59v

github

больше 3 лет назад

The KDE Clock KCM policykit helper in kde-workspace before 4.11.14 and plasma-desktop before 5.1.1 allows local users to gain privileges via a crafted ntpUtility (ntp utility name) argument.