CVE-2016-7787

Опубликовано: 23 дек. 2016

Источник: nvd

CVSS3: 4.9

CVSS2: 4

EPSS Низкий

Описание

A maliciously crafted command line for kdesu can result in the user only seeing part of the commands that will actually get executed as super user.

Ссылки

http://lists.opensuse.org/opensuse-updates/2016-10/msg00031.html
Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-10/msg00034.html
Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/09/29/7
Patch
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/93224
Third Party Advisory
VDB Entry
http://lists.opensuse.org/opensuse-updates/2016-10/msg00031.html
Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-10/msg00034.html
Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/09/29/7
Patch
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/93224
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:kde:kde-cli-tools:-:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

EPSS

Процентиль: 67%

0.0054

Низкий

4.9 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-94

Связанные уязвимости

CVE-2016-7787

CVSS3: 4.9

ubuntu

около 9 лет назад

A maliciously crafted command line for kdesu can result in the user only seeing part of the commands that will actually get executed as super user.

CVE-2016-7787

CVSS3: 4.9

debian

около 9 лет назад

A maliciously crafted command line for kdesu can result in the user on ...

GHSA-2rvv-92pm-m5p9

CVSS3: 4.9

github

больше 3 лет назад

A maliciously crafted command line for kdesu can result in the user only seeing part of the commands that will actually get executed as super user.

EPSS

Процентиль: 67%

0.0054

Низкий

4.9 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-94