FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-19 19:12:13 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
848bdd06-f93a-11eb-9f7d-206a8a720317	x11/cde -- Local privilege escalation via CDE dtsession Marco Ivaldi (marco.ivaldi () mediaservice net) reports: A buffer overflow in the CheckMonitor() function in the Common Desktop Environment 2.3.1 and earlier and 1.6 and earlier, as distributed with Oracle Solaris 10 1/13 (Update 11) and earlier, allows local users to gain root privileges via a long palette name passed to dtsession in a malicious .Xdefaults file. Discovery 2020-01-15 Entry 2021-08-09 cde < 2.4.0 CVE-2020-2696 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2696

VuXML ID

Description

848bdd06-f93a-11eb-9f7d-206a8a720317

x11/cde -- Local privilege escalation via CDE dtsession

Marco Ivaldi (marco.ivaldi () mediaservice net) reports:

A buffer overflow in the CheckMonitor() function in the Common Desktop Environment 2.3.1 and earlier and 1.6 and earlier, as distributed with Oracle Solaris 10 1/13 (Update 11) and earlier, allows local users to gain root privileges via a long palette name passed to dtsession in a malicious .Xdefaults file.

Discovery 2020-01-15
Entry 2021-08-09
cde

< 2.4.0

CVE-2020-2696
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2696