CVE-2022-43752

Опубликовано: 31 окт. 2022

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

Oracle Solaris version 10 1/13, when using the Common Desktop Environment (CDE), is vulnerable to a privilege escalation vulnerability. A low privileged user can escalate to root by crafting a malicious printer and double clicking on the the crafted printer's icon.

Ссылки

http://phrack.org/issues/70/13.html#article
Exploit
Issue Tracking
Technical Description
Third Party Advisory
https://github.com/0xdea/exploits/blob/master/solaris/raptor_dtprintcheckdir_intel.c
Exploit
Third Party Advisory
http://phrack.org/issues/70/13.html#article
Exploit
Issue Tracking
Technical Description
Third Party Advisory
https://github.com/0xdea/exploits/blob/master/solaris/raptor_dtprintcheckdir_intel.c
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:common_desktop_environment_project:_common_desktop_environment:-:*:*:*:*:*:*:*

cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*

EPSS

Процентиль: 26%

0.00094

Низкий

7.8 High

CVSS3

Дефекты

CWE-120

Связанные уязвимости

GHSA-5x3r-56hw-m9mp

CVSS3: 7.8

github

больше 3 лет назад

** UNSUPPORTED WHEN ASSIGNED ** Oracle Solaris version 10 1/13, when using the Common Desktop Environment (CDE), is vulnerable to a privilege escalation vulnerability. A low privileged user can escalate to root by crafting a malicious printer and double clicking on the the crafted printer's icon.

BDU:2023-00512

CVSS3: 7.8

fstec

больше 3 лет назад

Уязвимость компонента Common Desktop Environment операционной системы Oracle Solaris, позволяющая нарушителю повысить свои привилегии до уровня root

EPSS

Процентиль: 26%

0.00094

Низкий

7.8 High

CVSS3

Дефекты

CWE-120