PT-2014-8657 · Kde+1 · Kde-Workspace+2

Published

2014-11-07

Updated

2016-12-07

CVE-2014-8651

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions kde-workspace versions prior to 4.11.14 plasma-desktop versions prior to 5.1.1

Description The issue allows local users to gain privileges via a crafted ntpUtility argument in the KDE Clock KCM policykit helper.

Recommendations For kde-workspace versions prior to 4.11.14, update to version 4.11.14 or later. For plasma-desktop versions prior to 5.1.1, update to version 5.1.1 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2014-8651

MGASA-2014-0445

MGASA-2014-0480

SUSE-SU-2016:0303-1

SUSE-SU-2016_0303-1

USN-2402-1

Affected Products

Suse

Kde-Workspace

Plasma-Desktop

PT-2014-8657 · Kde+1 · Kde-Workspace+2

CVE-2014-8651

Weakness Enumeration

Related Identifiers

Affected Products

References · 35