1 results (0.002 seconds)
CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0
CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0CVE-2016-3100
https://notcve.org/view.php?id=CVE-2016-3100
13 Jul 2016 — kinit in KDE Frameworks before 5.23.0 uses weak permissions (644) for /tmp/xauth-xxx-_y, which allows local users to obtain X11 cookies of other users and consequently capture keystrokes and possibly gain privileges by reading the file. kinit en KDE Frameworks en versiones anteriores a 5.23.0 utiliza permisos débiles (644) para /tmp/xauth-xxx-_y, lo que permite a usuarios locales obtener cookies X11 de otros usuarios y consecuentemente capturar pulsaciones del teclado y posiblemente obtener privilegios leye... • http://lists.opensuse.org/opensuse-updates/2016-07/msg00001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •