Vulnerability Details CVE-2015-3256
PolicyKit (aka polkit) before 0.113 allows local users to cause a denial of service (memory corruption and polkitd daemon crash) and possibly gain privileges via unspecified vectors, related to "javascript rule evaluation."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 32.2%
CVSS Severity
CVSS v2 Score 4.6
References
- http://lists.freedesktop.org/archives/polkit-devel/2015-July/000432.html
- http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00010.html
- http://lists.opensuse.org/opensuse-updates/2015-11/msg00042.html
- http://rhn.redhat.com/errata/RHSA-2016-0189.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
- http://www.securityfocus.com/bid/77356
- http://www.securitytracker.com/id/1035023
- https://bugzilla.redhat.com/show_bug.cgi?id=1245684
- http://lists.freedesktop.org/archives/polkit-devel/2015-July/000432.html
- http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00010.html
- http://lists.opensuse.org/opensuse-updates/2015-11/msg00042.html
- http://rhn.redhat.com/errata/RHSA-2016-0189.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
- http://www.securityfocus.com/bid/77356
- http://www.securitytracker.com/id/1035023
- https://bugzilla.redhat.com/show_bug.cgi?id=1245684
Products affected by CVE-2015-3256
-
cpe:2.3:a:polkit_project:polkit:-
-
cpe:2.3:a:polkit_project:polkit:0.100
-
cpe:2.3:a:polkit_project:polkit:0.101
-
cpe:2.3:a:polkit_project:polkit:0.102
-
cpe:2.3:a:polkit_project:polkit:0.103
-
cpe:2.3:a:polkit_project:polkit:0.104
-
cpe:2.3:a:polkit_project:polkit:0.105
-
cpe:2.3:a:polkit_project:polkit:0.106
-
cpe:2.3:a:polkit_project:polkit:0.107
-
cpe:2.3:a:polkit_project:polkit:0.108
-
cpe:2.3:a:polkit_project:polkit:0.109
-
cpe:2.3:a:polkit_project:polkit:0.110
-
cpe:2.3:a:polkit_project:polkit:0.111
-
cpe:2.3:a:polkit_project:polkit:0.112
-
cpe:2.3:a:polkit_project:polkit:0.3
-
cpe:2.3:a:polkit_project:polkit:0.4
-
cpe:2.3:a:polkit_project:polkit:0.5
-
cpe:2.3:a:polkit_project:polkit:0.6
-
cpe:2.3:a:polkit_project:polkit:0.7
-
cpe:2.3:a:polkit_project:polkit:0.8
-
cpe:2.3:a:polkit_project:polkit:0.9
-
cpe:2.3:a:polkit_project:polkit:0.91
-
cpe:2.3:a:polkit_project:polkit:0.92
-
cpe:2.3:a:polkit_project:polkit:0.93
-
cpe:2.3:a:polkit_project:polkit:0.94
-
cpe:2.3:a:polkit_project:polkit:0.95
-
cpe:2.3:a:polkit_project:polkit:0.96
-
cpe:2.3:a:polkit_project:polkit:0.97
-
cpe:2.3:a:polkit_project:polkit:0.98
-
cpe:2.3:a:polkit_project:polkit:0.99
-
cpe:2.3:o:opensuse:opensuse:13.1
-
cpe:2.3:o:opensuse:opensuse:13.2