Lucene search
HistoryJul 01, 2015 - 2:59 p.m.
CVE-2015-3164
xwayland
authentication bypass
nvd
cve-2015-3164
7.1 High
AI Score
Confidence
High
3.6 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:P/A:N
0.0004 Low
EPSS
Percentile
5.2%
The authentication setup in XWayland 1.16.x and 1.17.x before 1.17.2 starts the server in non-authenticating mode, which allows local users to read from or send information to arbitrary X11 clients via vectors involving a UNIX socket.
Related
ubuntucve
ubuntucve
CVE-2015-3164
2015-07-01 00:00:00
mageia
mageia
Updated x11-server packages fix security vulnerability
2015-08-21 21:54:52
prion
prion
Authentication flaw
2015-07-01 14:59:00
nessus
nessus
openSUSE Security Update : XWayland (openSUSE-2015-438)
2015-06-23 00:00:00
Fedora 22 : xorg-x11-server (2015-10336)
2016-07-14 00:00:00
GLSA-201701-64 : X.Org X Server: Multiple vulnerabilities
2017-01-26 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0316)
2015-10-15 00:00:00
cvelist
cvelist
CVE-2015-3164
2015-07-01 14:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: xorg-x11-server-1.17.2-1.fc22
2015-06-23 09:15:27
debiancve
debiancve
CVE-2015-3164
2015-07-01 14:59:00
cve
cve
CVE-2015-3168
2015-05-19 10:59:00
gentoo
gentoo
X.Org X Server: Multiple vulnerabilities
2017-01-25 00:00:00
7.1 High
AI Score
Confidence
High
3.6 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:P/A:N
0.0004 Low
EPSS
Percentile
5.2%
Related for CVE-2015-3164