Vulnerability Details CVE-2016-10351
Telegram Desktop 0.10.19 uses 0755 permissions for $HOME/.TelegramDesktop, which allows local users to obtain sensitive authentication information via standard filesystem operations.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 14.4%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 2.1
References
- https://github.com/telegramdesktop/tdesktop/issues/2666
- https://github.com/telegramdesktop/tdesktop/pull/3842/commits/388703b9ca1912a5438e37f9dd54c35805f2c594
- https://github.com/telegramdesktop/tdesktop/issues/2666
- https://github.com/telegramdesktop/tdesktop/pull/3842/commits/388703b9ca1912a5438e37f9dd54c35805f2c594
Products affected by CVE-2016-10351
-
cpe:2.3:a:telegram_desktop:telegram_desktop:0.10.19