6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.3%
Package : kde4libs
Version : 4:4.4.5-2+squeeze4
CVE ID : CVE-2014-5033
It was discovered that KAuth, part of kdelibs, uses polkit in a way
that is prone to a race condition that may allow authorization bypass.
Attachment:
signature.asc
Description: This is a digitally signed message part.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 6 | amd64 | kdelibs5-dev | < 4:4.4.5-2+squeeze4 | kdelibs5-dev_4:4.4.5-2+squeeze4_amd64.deb |
Debian | 7 | i386 | libkimproxy4 | < 4:4.8.4-4+deb7u1 | libkimproxy4_4:4.8.4-4+deb7u1_i386.deb |
Debian | 6 | i386 | libnepomukquery4a | < 4:4.4.5-2+squeeze4 | libnepomukquery4a_4:4.4.5-2+squeeze4_i386.deb |
Debian | 7 | kfreebsd-amd64 | libkdecore5 | < 4:4.8.4-4+deb7u1 | libkdecore5_4:4.8.4-4+deb7u1_kfreebsd-amd64.deb |
Debian | 6 | i386 | libkrossui4 | < 4:4.4.5-2+squeeze4 | libkrossui4_4:4.4.5-2+squeeze4_i386.deb |
Debian | 7 | armel | kdelibs5-dbg | < 4:4.8.4-4+deb7u1 | kdelibs5-dbg_4:4.8.4-4+deb7u1_armel.deb |
Debian | 7 | sparc | libthreadweaver4 | < 4:4.8.4-4+deb7u1 | libthreadweaver4_4:4.8.4-4+deb7u1_sparc.deb |
Debian | 7 | i386 | libkfile4 | < 4:4.8.4-4+deb7u1 | libkfile4_4:4.8.4-4+deb7u1_i386.deb |
Debian | 7 | s390 | libknewstuff3-4 | < 4:4.8.4-4+deb7u1 | libknewstuff3-4_4:4.8.4-4+deb7u1_s390.deb |
Debian | 7 | powerpc | libkutils4 | < 4:4.8.4-4+deb7u1 | libkutils4_4:4.8.4-4+deb7u1_powerpc.deb |