Lucene search
K

18 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:36 a.m.3 views

SUSE CVE-2013-4324

spice-gtk 0.14, and possibly other versions, invokes the polkit authority using the insecure polkitunixprocessnew API function, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a 1 setuid process or 2 pkexec process...

4.6CVSS7.1AI score0.00384EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.22 views

Oracle: Security Advisory (ELSA-2013-1273)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.6CVSS6.5AI score0.00384EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.28 views

openSUSE Security Update : spice-gtk (openSUSE-SU-2013:1562-1)

spice-gtk received fixes for the acl helper policy kit checks that had a race condition in PID checking. CVE-2013-4324, bnc844967. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

4.6CVSS5.2AI score0.00384EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2013/12/23 12:0 a.m.31 views

Fedora Update for spice-gtk FEDORA-2013-17195

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.6CVSS6.5AI score0.00384EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/12/20 12:0 a.m.32 views

Fedora 18 : spice-gtk-0.18-3.fc18 (2013-17195)

Fix CVE-2013-4324 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable Networ...

4.6CVSS5.3AI score0.00384EPSS
Exploits0References1
OSV
OSV
added 2013/10/03 9:55 p.m.9 views

CVE-2013-4324

spice-gtk 0.14, and possibly other versions, invokes the polkit authority using the insecure polkitunixprocessnew API function, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a 1 setuid process or 2 pkexec process...

6.2AI score
Exploits0References5
OSV
OSV
added 2013/10/03 9:55 p.m.1 views

DEBIAN-CVE-2013-4324

spice-gtk 0.14, and possibly other versions, invokes the polkit authority using the insecure polkitunixprocessnew API function, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a 1 setuid process or 2 pkexec process...

4.6CVSS7AI score0.00384EPSS
Exploits0References1
CVE
CVE
added 2013/10/03 9:0 p.m.102 views

CVE-2013-4324

CVE-2013-4324 affects spice-gtk 0.14 (and possibly other versions) by invoking polkit authority via the insecure polkit_unix_process_new API. This creates a PolkitUnixProcess PolkitSubject race condition exploitable by a local attacker through a setuid process or a pkexec process, allowing bypass...

4.6CVSS6.3AI score0.00384EPSS
Exploits0References5Affected Software1
OpenVAS
OpenVAS
added 2013/10/03 12:0 a.m.22 views

Fedora Update for spice-gtk FEDORA-2013-17109

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.6CVSS6.5AI score0.00384EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/09/27 12:0 a.m.33 views

Fedora 19 : spice-gtk-0.20-6.fc19 (2013-17109)

Fix CVE-2013-4324 Insecure calling of polkit via polkitunixprocessnew Add a few upstream patches fixing bugs in spice-gtk 0.20 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean...

4.6CVSS5.3AI score0.00384EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2013/09/24 12:0 a.m.18 views

CentOS Update for spice-glib CESA-2013:1273 centos6

Check for the Version of spice-glib OpenVAS Vulnerability Test CentOS Update for spice-glib CESA-2013:1273 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

4.6CVSS6.4AI score0.00384EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/09/24 12:0 a.m.14 views

CentOS Update for spice-glib CESA-2013:1273 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.6CVSS5.2AI score0.00384EPSS
Exploits0References2
Cent OS
Cent OS
added 2013/09/20 2:25 a.m.70 views

spice security update

CentOS Errata and Security Advisory CESA-2013:1273 Updated spice-gtk packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base...

4.6CVSS5.8AI score0.00384EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2013/09/20 12:0 a.m.31 views

Oracle Linux 6 : spice-gtk (ELSA-2013-1273)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2013-1273 advisory. - New build with correct patch for CVE-2013-4324 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note th...

4.6CVSS5.5AI score0.00384EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/09/20 12:0 a.m.26 views

CentOS 6 : spice-gtk (CESA-2013:1273)

Updated spice-gtk packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

4.6CVSS5.4AI score0.00384EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/09/20 12:0 a.m.31 views

Scientific Linux Security Update : spice-gtk on SL6.x i386/x86_64 (20130919)

spice-gtk communicated with PolicyKit for authorization via an API that is vulnerable to a race condition. This could lead to intended PolicyKit authorizations being bypassed. This update modifies spice-gtk to communicate with PolicyKit via a different API that is not vulnerable to the race...

4.6CVSS5.3AI score0.00384EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/09/20 12:0 a.m.35 views

RHEL 6 : spice-gtk (RHSA-2013:1273)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:1273 advisory. The spice-gtk packages provide a GIMP Toolkit GTK+ widget for SPICE Simple Protocol for Independent Computing Environments clients. Both Virtual...

4.6CVSS5.5AI score0.00384EPSS
Exploits0References4
Oracle linux
Oracle linux
added 2013/09/19 12:0 a.m.30 views

spice-gtk security update

0.14-7.3 - New build with correct patch for CVE-2013-4324 0.14-7.2 - Fix race condition in policykit use CVE-2013-4324 Resolves: CVE-2013-4324...

4.6CVSS1.1AI score0.00384EPSS
Exploits0
Rows per page
Query Builder