[email protected]NVD:CVE-2014-8651

HistoryDec 06, 2014 - 9:59 p.m.

CVE-2014-8651

2014-12-0621:59:00

CWE-264

[email protected]

web.nvd.nist.gov

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

The KDE Clock KCM policykit helper in kde-workspace before 4.11.14 and plasma-desktop before 5.1.1 allows local users to gain privileges via a crafted ntpUtility (ntp utility name) argument.

Affected configurations

NVD

Node

kdeplasma-desktopRange≤5.1

Node

kdekde-workspaceRange≤4.11.13

References

lists.fedoraproject.org/pipermail/package-announce/2014-November/143781.html

lists.fedoraproject.org/pipermail/package-announce/2014-November/144034.html

lists.fedoraproject.org/pipermail/package-announce/2014-November/144093.html

www.openwall.com/lists/oss-security/2014/11/04/9

www.openwall.com/lists/oss-security/2014/11/07/3

www.securityfocus.com/bid/70904

www.ubuntu.com/usn/USN-2402-1

security.gentoo.org/glsa/201512-12

www.kde.org/info/security/advisory-20141106-1.txt

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2014-8651

fedora3 cvelist1 archlinux1 nessus8 securityvulns2 openvas7 prion1 mageia2 cve1 ubuntu1 ubuntucve1 gentoo1 freebsd1