Lucene search

MitreCVE-2017-8934

HistoryMay 15, 2017 - 2:29 p.m.

CVE-2017-8934

2017-05-1514:29:00

CWE-20

mitre

web.nvd.nist.gov

pcmanfm

cve-2017-8934

insecure usage

denial of service

nvd

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.8

Confidence

High

EPSS

Percentile

5.1%

JSON

PCManFM 1.2.5 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (application unavailability).

Affected configurations

Nvd

Node

pcmanfm_projectpcmanfmMatch1.2.5

VendorProductVersionCPE
pcmanfm_projectpcmanfm1.2.5cpe:2.3:a:pcmanfm_project:pcmanfm:1.2.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
pcmanfm_project	pcmanfm	1.2.5	cpe:2.3:a:pcmanfm_project:pcmanfm:1.2.5:::::::*

References

bugs.debian.org/862571

git.lxde.org/gitweb/?p=lxde/pcmanfm.git%3Ba=commit%3Bh=bc8c3d871e9ecc67c47ff002b68cf049793faf08

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.8

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2017-8934