Vulnerability Details CVE-2014-1845
An unspecified setuid root helper in Enlightenment before 0.17.6 allows local users to gain privileges by leveraging failure to properly sanitize the environment.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 19.8%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 4.6
References
- http://www.openwall.com/lists/oss-security/2014/02/03/19
- https://bugzilla.redhat.com/show_bug.cgi?id=1059410
- https://exchange.xforce.ibmcloud.com/vulnerabilities/91216
- https://git.enlightenment.org/core/enlightenment.git/commit/?id=666df815cd86a50343859bce36c5cf968c5f38b0
- https://git.enlightenment.org/core/enlightenment.git/commit/?id=bb4a21e98656fe2c7d98ba2163e6defe9a630e2b
- http://www.openwall.com/lists/oss-security/2014/02/03/19
- https://bugzilla.redhat.com/show_bug.cgi?id=1059410
- https://exchange.xforce.ibmcloud.com/vulnerabilities/91216
- https://git.enlightenment.org/core/enlightenment.git/commit/?id=666df815cd86a50343859bce36c5cf968c5f38b0
- https://git.enlightenment.org/core/enlightenment.git/commit/?id=bb4a21e98656fe2c7d98ba2163e6defe9a630e2b
Products affected by CVE-2014-1845
-
cpe:2.3:a:enlightenment:enlightenment:0.17.0
-
cpe:2.3:a:enlightenment:enlightenment:0.17.1
-
cpe:2.3:a:enlightenment:enlightenment:0.17.2
-
cpe:2.3:a:enlightenment:enlightenment:0.17.2.1
-
cpe:2.3:a:enlightenment:enlightenment:0.17.3
-
cpe:2.3:a:enlightenment:enlightenment:0.17.4
-
cpe:2.3:a:enlightenment:enlightenment:0.17.5