CVE-2020-2696
Common Desktop Environment 2.3.1 Buffer Overflow
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
4Exploited in Wild
-Decision
Descriptions
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Common Desktop Environment). The supported version that is affected is 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
Vulnerabilidad en el producto Oracle Solaris de Oracle Systems (componente: Common Desktop Environment). La versión compatible que está afectada es la 10. Una vulnerabilidad fácilmente explotable permite a un atacante poco privilegiado con inicio de sesión en la infraestructura donde se ejecuta Oracle Solaris comprometer a Oracle Solaris. Aunque la vulnerabilidad ocurre en Oracle Solaris, los ataques pueden impactar significativamente a productos adicionales. Los ataques con éxito de esta vulnerabilidad pueden resultar en una toma de control de Oracle Solaris. Puntuación básica 8.8 de CVSS 3.0 (Impactos en la Confidencialidad, Integridad y Disponibilidad). Vector CVSS: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
A buffer overflow in the CheckMonitor() function in the Common Desktop Environment 2.3.1 and earlier and 1.6 and earlier, as distributed with Oracle Solaris 10 1/13 (Update 11) and earlier, allows local users to gain root privileges via a long palette name passed to dtsession in a malicious .Xdefaults file. Note that Oracle Solaris CDE is based on the original CDE 1.x train, which is different from the CDE 2.x codebase that was later open sourced. Most notably, the vulnerable buffer in the Oracle Solaris CDE is stack-based, while in the open source version it is heap-based.
CVSS Scores
SSVC
- Decision:Track*
Timeline
- 2019-12-10 CVE Reserved
- 2020-01-15 CVE Published
- 2024-03-11 EPSS Updated
- 2024-09-30 CVE Updated
- 2024-09-30 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (6)
URL | Tag | Source |
---|---|---|
http://www.openwall.com/lists/oss-security/2020/01/20/2 | Mailing List |
URL | Date | SRC |
---|---|---|
https://www.oracle.com/security-alerts/cpujan2020.html | 2022-10-25 |
URL | Date | SRC |
---|