Lucene search

[email protected]CVE-2015-1307

HistoryJan 26, 2015 - 3:59 p.m.

CVE-2015-1307

2015-01-2615:59:15

CWE-284

[email protected]

web.nvd.nist.gov

cve-2015-1307

plasma-workspace

remote attackers

passwords

trojan horse

look and feel package

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

6.8 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.7%

JSON

plasma-workspace before 5.1.95 allows remote attackers to obtain passwords via a Trojan horse Look and Feel package.

Affected configurations

NVD

Node

kdeplasma-workspaceRange≤5.1

CPENameOperatorVersion
kde:plasma-workspacekde plasma-workspacele5.1

CPE	Name	Operator	Version
kde:plasma-workspace	kde plasma-workspace	le	5.1

References

www.openwall.com/lists/oss-security/2015/01/22/6

www.securityfocus.com/bid/72285

www.kde.org/info/security/advisory-20150122-1.txt

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

6.8 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.7%

JSON

Related for CVE-2015-1307

prion1 nvd1 ubuntucve1 cvelist1