Vulnerability Description
An unspecified setuid root helper in Enlightenment before 0.17.6 allows local users to gain privileges by leveraging failure to properly sanitize the environment.
CVSS Score
7.8
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Enlightenment | Enlightenment | < 0.17.6 |
Related Weaknesses (CWE)
References
- http://www.openwall.com/lists/oss-security/2014/02/03/19Mailing List
- https://bugzilla.redhat.com/show_bug.cgi?id=1059410Issue Tracking
- https://exchange.xforce.ibmcloud.com/vulnerabilities/91216VDB Entry
- https://git.enlightenment.org/core/enlightenment.git/commit/?id=666df815cd86a503Patch
- https://git.enlightenment.org/core/enlightenment.git/commit/?id=bb4a21e98656fe2cPatch
- http://www.openwall.com/lists/oss-security/2014/02/03/19Mailing List
- https://bugzilla.redhat.com/show_bug.cgi?id=1059410Issue Tracking
- https://exchange.xforce.ibmcloud.com/vulnerabilities/91216VDB Entry
- https://git.enlightenment.org/core/enlightenment.git/commit/?id=666df815cd86a503Patch
- https://git.enlightenment.org/core/enlightenment.git/commit/?id=bb4a21e98656fe2cPatch
FAQ
What is CVE-2014-1845?
CVE-2014-1845 is a vulnerability with a CVSS score of 7.8 (HIGH). An unspecified setuid root helper in Enlightenment before 0.17.6 allows local users to gain privileges by leveraging failure to properly sanitize the environment.
How severe is CVE-2014-1845?
CVE-2014-1845 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-1845?
Check the references section above for vendor advisories and patch information. Affected products include: Enlightenment Enlightenment.