RSS   Podatności dla 'Kauth'   RSS

2019-05-07
 
CVE-2019-7443

CWE-20
 
 
KDE KAuth before 5.55 allows the passing of parameters with arbitrary types to helpers running as root over DBus via DBusHelperProxy.cpp. Certain types can cause crashes, and trigger the decoding of arbitrary images with dynamically loaded plugins. In other words, KAuth unintentionally causes this plugin code to run as root, which increases the severity of any possible exploitation of a plugin vulnerability.

 
2017-05-17
 
CVE-2017-8422

CWE-290
 
 
KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.

 
2014-08-19
 
CVE-2014-5033

CWE-362
 
 
KDE kdelibs before 4.14 and kauth before 5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, related to CVE-2013-4288 and "PID reuse race conditions."

 

 >>> Vendor: KDE 49 Produkty
K-mail
KDE
Kde beta 3
KVT
KTV
Kdeutils
Konqueror
Klisa
Kopete
Konqueror embedded
Kdebase
Kdelibs
Koffice
KPDF
Dcopserver
Desktop communication protocol daemon
Kmail
Quanta
Kdegraphics
Kword
ARTS
Libkhtml
Ksirc
Amarok
Kmplayer
Kde sc
KGET
Kcheckpass
Kde pim
Kde-workspace
ARK
Trojita
Kauth
Kde-runtime
Kio-extras
Plasma-desktop
Kde applications
Plasma-workspace
Kde frameworks
Karchives
Kscreenlocker
Kde-cli-tools
KIO
Messagelib
Okular
Ktexteditor
Partition manager
Kimageformats
KATE

Copyright 2024, cxsecurity.com

 

Back to Top