Vulnerability Details CVE-2008-0162
misc.c in splitvt 1.6.6 and earlier does not drop group privileges before executing xprop, which allows local users to gain privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 15.9%
CVSS Severity
CVSS v2 Score 7.2
References
- http://secunia.com/advisories/29064
- http://secunia.com/advisories/29080
- http://secunia.com/advisories/29190
- http://security.gentoo.org/glsa/glsa-200803-05.xml
- http://www.debian.org/security/2008/dsa-1500
- http://www.securityfocus.com/bid/27936
- http://secunia.com/advisories/29064
- http://secunia.com/advisories/29080
- http://secunia.com/advisories/29190
- http://security.gentoo.org/glsa/glsa-200803-05.xml
- http://www.debian.org/security/2008/dsa-1500
- http://www.securityfocus.com/bid/27936
Products affected by CVE-2008-0162
-
cpe:2.3:a:sam_lantinga:splitvt:*
-
cpe:2.3:o:debian:debian_linux:4.0