6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
8.9 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Package : kde4libs
Version : 4:4.4.5-2+squeeze4
CVE ID : CVE-2014-5033
It was discovered that KAuth, part of kdelibs, uses polkit in a way
that is prone to a race condition that may allow authorization bypass.
Attachment:
signature.asc
Description: This is a digitally signed message part.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 7 | i386 | libnepomukquery4a | < 4:4.8.4-4+deb7u1 | libnepomukquery4a_4:4.8.4-4+deb7u1_i386.deb |
Debian | 7 | powerpc | libnepomuk4 | < 4:4.8.4-4+deb7u1 | libnepomuk4_4:4.8.4-4+deb7u1_powerpc.deb |
Debian | 7 | i386 | kdelibs5-dbg | < 4:4.8.4-4+deb7u1 | kdelibs5-dbg_4:4.8.4-4+deb7u1_i386.deb |
Debian | 7 | amd64 | libknewstuff2-4 | < 4:4.8.4-4+deb7u1 | libknewstuff2-4_4:4.8.4-4+deb7u1_amd64.deb |
Debian | 7 | sparc | kdelibs5-dev | < 4:4.8.4-4+deb7u1 | kdelibs5-dev_4:4.8.4-4+deb7u1_sparc.deb |
Debian | 7 | armel | libsolid4 | < 4:4.8.4-4+deb7u1 | libsolid4_4:4.8.4-4+deb7u1_armel.deb |
Debian | 7 | i386 | libnepomuk4 | < 4:4.8.4-4+deb7u1 | libnepomuk4_4:4.8.4-4+deb7u1_i386.deb |
Debian | 7 | armhf | libknewstuff2-4 | < 4:4.8.4-4+deb7u1 | libknewstuff2-4_4:4.8.4-4+deb7u1_armhf.deb |
Debian | 7 | amd64 | libkrossui4 | < 4:4.8.4-4+deb7u1 | libkrossui4_4:4.8.4-4+deb7u1_amd64.deb |
Debian | 7 | sparc | libkdewebkit5 | < 4:4.8.4-4+deb7u1 | libkdewebkit5_4:4.8.4-4+deb7u1_sparc.deb |