Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveRedhatCVE-2010-0436
HistoryApr 15, 2010 - 5:30 p.m.

CVE-2010-0436

2010-04-1517:30:00
CWE-362
redhat
web.nvd.nist.gov
45
cve-2010-0436
kdm
kde software compilation
race condition
file permissions
local users
privileges

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

8.9

Confidence

High

EPSS

0

Percentile

10.1%

JSON

Race condition in backend/ctrl.c in KDM in KDE Software Compilation (SC) 2.2.0 through 4.4.2 allows local users to change the permissions of arbitrary files, and consequently gain privileges, by blocking the removal of a certain directory that contains a control socket, related to improper interaction with ksm.

Affected configurations

Nvd
Node
kdekde_scMatch2.2.0
OR
kdekde_scMatch3.5.10
OR
kdekde_scMatch4.1.2
OR
kdekde_scMatch4.2.2
OR
kdekde_scMatch4.3.0
OR
kdekde_scMatch4.3.1
OR
kdekde_scMatch4.3.4
OR
kdekde_scMatch4.3.5
OR
kdekde_scMatch4.4.0
OR
kdekde_scMatch4.4.1
OR
kdekde_scMatch4.4.2
VendorProductVersionCPE
kdekde_sc2.2.0cpe:2.3:a:kde:kde_sc:2.2.0:*:*:*:*:*:*:*
kdekde_sc3.5.10cpe:2.3:a:kde:kde_sc:3.5.10:*:*:*:*:*:*:*
kdekde_sc4.1.2cpe:2.3:a:kde:kde_sc:4.1.2:*:*:*:*:*:*:*
kdekde_sc4.2.2cpe:2.3:a:kde:kde_sc:4.2.2:*:*:*:*:*:*:*
kdekde_sc4.3.0cpe:2.3:a:kde:kde_sc:4.3.0:*:*:*:*:*:*:*
kdekde_sc4.3.1cpe:2.3:a:kde:kde_sc:4.3.1:*:*:*:*:*:*:*
kdekde_sc4.3.4cpe:2.3:a:kde:kde_sc:4.3.4:*:*:*:*:*:*:*
kdekde_sc4.3.5cpe:2.3:a:kde:kde_sc:4.3.5:*:*:*:*:*:*:*
kdekde_sc4.4.0cpe:2.3:a:kde:kde_sc:4.4.0:*:*:*:*:*:*:*
kdekde_sc4.4.1cpe:2.3:a:kde:kde_sc:4.4.1:*:*:*:*:*:*:*
Rows per page:
1-10 of 111

Related

fedora 50
freebsd 1
openvas 113
centos 1
securityvulns 2
nessus 21
ubuntucve 1
ubuntu 1
debian 1
slackware 1
oraclelinux 1
osv 1
veracode 1
redhat 1
cvelist 1
nvd 1
prion 1
fedora
fedora
[SECURITY] Fedora 11 Update: kdepim-4.4.2-1.fc11
2010-04-16 23:53:19
[SECURITY] Fedora 12 Update: kdebindings-4.4.2-1.fc12
2010-04-16 23:34:07
[SECURITY] Fedora 11 Update: kdebase-runtime-4.4.2-1.fc11
2010-04-16 23:53:18
freebsd
freebsd
KDM -- local privilege escalation vulnerability
2010-04-13 00:00:00
openvas
openvas
Fedora Update for PyQt4 FEDORA-2010-6096
2010-04-19 00:00:00
Fedora Update for kdelibs FEDORA-2010-6096
2010-04-19 00:00:00
Fedora Update for oxygen-icon-theme FEDORA-2010-6077
2010-04-19 00:00:00
centos
centos
kdebase security update
2010-04-20 16:36:19
securityvulns
securityvulns
[ MDVSA-2010:074 ] kdebase
2010-04-19 00:00:00
KDE kdm race conditions
2010-04-19 00:00:00
nessus
nessus
Fedora 12 : PyQt4-4.7.2-2.fc12 / kdeaccessibility-4.4.2-1.fc12 / kdeadmin-4.4.2-1.fc12 / etc (2010-6096)
2010-07-01 00:00:00
SuSE 11 Security Update : kdm (SAT Patch Number 2136)
2010-12-02 00:00:00
RHEL 4 / 5 : kdebase (RHSA-2010:0348)
2010-05-11 00:00:00
ubuntucve
ubuntucve
CVE-2010-0436
2010-04-15 00:00:00
ubuntu
ubuntu
KDM vulnerability
2010-04-19 00:00:00
debian
debian
[SECURITY] [DSA 2037-1] New kdm packages fix privilege escalation
2010-04-17 21:54:51
slackware
slackware
[slackware-security] kdebase-workspace
2010-04-20 17:51:39
oraclelinux
oraclelinux
kdebase security update
2010-04-14 00:00:00
osv
osv
fileshareset-2.0-73.6 on GA media
2024-06-15 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:49:21
redhat
redhat
(RHSA-2010:0348) Important: kdebase security update
2010-04-14 00:00:00
cvelist
cvelist
CVE-2010-0436
2010-04-15 17:00:00
nvd
nvd
CVE-2010-0436
2010-04-15 17:30:00
prion
prion
Race condition
2010-04-15 17:30:00

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

8.9

Confidence

High

EPSS

0

Percentile

10.1%

JSON
Related for CVE-2010-0436
fedora50freebsd1openvas113centos1securityvulns2nessus21ubuntucve1ubuntu1debian1slackware1oraclelinux1osv1veracode1redhat1cvelist1nvd1prion1