CVE-2022-43752

Name of the Vulnerable Software and Affected Versions Oracle Solaris version 10 1/13

Description The issue is a privilege escalation vulnerability that can be exploited by a low-privileged user to gain root access. This is achieved by crafting a malicious printer and double-clicking on the crafted printer's icon. The vulnerability is caused by a stack buffer overflow in the Common Desktop Environment (CDE) component of Oracle Solaris.

Recommendations For Oracle Solaris version 10 1/13, consider disabling the use of the Common Desktop Environment (CDE) or restricting access to the printer functionality until a patch is available. As a temporary workaround, avoid using the CDE to manage printers to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.