CVE-2016-3100

2016-07-13T11:59:02
ID CVE-2016-3100
Type cve
Reporter NVD
Modified 2016-11-28T15:06:19

Description

kinit in KDE Frameworks before 5.23.0 uses weak permissions (644) for /tmp/xauth-xxx-_y, which allows local users to obtain X11 cookies of other users and consequently capture keystrokes and possibly gain privileges by reading the file.