Lucene search
UbuntuUSN-2402-1HistoryNov 11, 2014 - 12:00 a.m.
KDE workspace vulnerability
2014-11-1100:00:00
ubuntu.com
34
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
6.1 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Releases
- Ubuntu 12.04
Packages
- kde-workspace - KDE Plasma Workspace components
Details
David Edmundson discovered that the KDE Clock KCM policykit helper did not
properly guard against untrusted input. Under certain circumstances, a
process running under the user’s session could exploit this to run
programs as the administrator.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 12.04 | noarch | kde-workspace-bin | < 4:4.8.5-0ubuntu0.4 | UNKNOWN |
| Ubuntu | 12.04 | noarch | freespacenotifier | < 4:4.8.5-0ubuntu0.4 | UNKNOWN |
| Ubuntu | 12.04 | noarch | kde-style-oxygen | < 4:4.8.5-0ubuntu0.4 | UNKNOWN |
| Ubuntu | 12.04 | noarch | kde-window-manager | < 4:4.8.5-0ubuntu0.4 | UNKNOWN |
| Ubuntu | 12.04 | noarch | kde-window-manager-active | < 4:4.8.5-0ubuntu0.4 | UNKNOWN |
| Ubuntu | 12.04 | noarch | kde-window-manager-active-gles | < 4:4.8.5-0ubuntu0.4 | UNKNOWN |
| Ubuntu | 12.04 | noarch | kde-window-manager-common | < 4:4.8.5-0ubuntu0.4 | UNKNOWN |
| Ubuntu | 12.04 | noarch | kde-window-manager-gles | < 4:4.8.5-0ubuntu0.4 | UNKNOWN |
| Ubuntu | 12.04 | noarch | kde-workspace-dbg | < 4:4.8.5-0ubuntu0.4 | UNKNOWN |
| Ubuntu | 12.04 | noarch | kde-workspace-dev | < 4:4.8.5-0ubuntu0.4 | UNKNOWN |
References
Related
securityvulns
securityvulns
[USN-2402-1] KDE workspace vulnerabilities
2014-12-01 00:00:00
KDE Clock KCM privilege escalation
2014-12-01 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2016:0303-1)
2021-06-09 00:00:00
Mageia: Security Advisory (MGASA-2014-0480)
2022-01-28 00:00:00
Ubuntu: Security Advisory (USN-2402-1)
2014-11-11 00:00:00
nvd
nvd
CVE-2014-8651
2014-12-06 21:59:00
nessus
nessus
Ubuntu 12.04 LTS : kde-workspace vulnerabilities (USN-2402-1)
2014-11-11 00:00:00
GLSA-201512-12 : KDE Systemsettings: Privilege escalation
2016-01-04 00:00:00
Fedora 20 : kde-workspace-4.11.14-1.fc20 (2014-14813)
2014-11-17 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: kde-workspace-4.11.14-1.fc19
2014-11-17 06:33:14
[SECURITY] Fedora 20 Update: kde-workspace-4.11.14-1.fc20
2014-11-15 09:09:37
[SECURITY] Fedora 21 Update: kde-workspace-4.11.14-1.fc21
2014-11-16 14:45:28
cvelist
cvelist
CVE-2014-8651
2014-12-06 21:00:00
archlinux
archlinux
kdebase-workspace: local privilege escalation
2014-11-10 00:00:00
ubuntucve
ubuntucve
CVE-2014-8651
2014-11-07 00:00:00
gentoo
gentoo
KDE Systemsettings: Privilege escalation
2015-12-30 00:00:00
mageia
mageia
Updated kdebase4-workspace packages fix security vulnerability and various bugs
2014-11-21 16:38:07
Updated kdebase4-workspace packages fix security vulnerability and various bugs
2014-11-14 03:57:44
freebsd
freebsd
kde-workspace -- privilege escalation
2014-11-06 00:00:00
prion
prion
Code injection
2014-12-06 21:59:00
cve
cve
CVE-2014-8651
2014-12-06 21:59:00
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
6.1 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for USN-2402-1