Lucene search
Ubuntu.comUB:CVE-2022-37706HistoryDec 25, 2022 - 12:00 a.m.
CVE-2022-37706
2022-12-2500:00:00
ubuntu.com
ubuntu.com
24
enlightenment
cve-2022-37706
local privilege escalation
system library
mishandles pathnames
gain privileges
setuid root
/dev/.. substring.
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
34.4%
enlightenment_sys in Enlightenment before 0.25.4 allows local users to gain
privileges because it is setuid root, and the system library function
mishandles pathnames that begin with a /dev/… substring.
Related
debian
debian
[SECURITY] [DLA 3115-1] e17 security update
2022-09-19 10:46:34
[SECURITY] [DSA 5233-1] e17 security update
2022-09-21 18:42:16
fedora
fedora
[SECURITY] Fedora 36 Update: enlightenment-0.25.4-1.fc36
2022-10-03 01:13:19
[SECURITY] Fedora 35 Update: efl-1.26.3-1.fc35
2022-10-03 00:51:38
[SECURITY] Fedora 36 Update: efl-1.26.3-1.fc36
2022-10-03 01:13:19
openvas
openvas
Debian: Security Advisory (DSA-5233-1)
2022-09-24 00:00:00
Fedora: Security Advisory for efl (FEDORA-2022-7090749bf4)
2022-10-03 00:00:00
Debian: Security Advisory (DLA-3115-1)
2022-09-20 00:00:00
prion
prion
Code injection
2022-12-25 19:15:00
zdt
zdt
Enlightenment v0.25.3 - Privilege escalation Vulnerability
2023-04-02 00:00:00
packetstorm
packetstorm
Enlightenment 0.25.3 Privilege Escalation
2022-12-27 00:00:00
Ubuntu 22.04.1 X64 Desktop Enlightenment 0.25.3-1 Privilege Escalation
2022-10-05 00:00:00
nessus
nessus
Fedora 36 : efl / enlightenment (2022-0cc77b384a)
2022-12-23 00:00:00
openSUSE 15 Security Update : enlightenment (openSUSE-SU-2022:10153-1)
2022-10-20 00:00:00
Debian DSA-5233-1 : e17 - security update
2022-09-22 00:00:00
cnvd
cnvd
Enlightenment Elevation of Privilege Vulnerability (CNVD-2022-63641)
2022-09-15 00:00:00
cve
cve
CVE-2022-37706
2022-12-25 19:15:10
cvelist
cvelist
CVE-2022-37706
2022-12-25 00:00:00
osv
osv
e17 - security update
2022-09-19 00:00:00
e17 - security update
2022-09-21 00:00:00
suse
suse
Security update for enlightenment (important)
2022-10-19 00:00:00
githubexploit
githubexploit
Exploit for Improper Privilege Management in Enlightenment
2022-09-12 19:22:44
Exploit for Improper Privilege Management in Enlightenment
2023-04-25 19:28:32
Exploit for Improper Privilege Management in Enlightenment
2022-09-18 08:04:08
mageia
mageia
Updated enlightenment packages fix security vulnerability
2022-10-08 23:22:22
debiancve
debiancve
CVE-2022-37706
2022-12-25 19:15:10
nvd
nvd
CVE-2022-37706
2022-12-25 19:15:10
metasploit
metasploit
Ubuntu Enlightenment Mount Priv Esc
2022-10-01 15:24:29
exploitdb
exploitdb
Enlightenment v0.25.3 - Privilege escalation
2023-04-01 00:00:00
rapid7blog
rapid7blog
Metasploit Weekly Wrap-Up
2022-10-07 19:07:40
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
34.4%
Related for UB:CVE-2022-37706