Security Advisory

CVE-2016-3100

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2016-07-13 15:00:00

Last updated 2024-08-05 23:47:56

Assigner redhat

State PUBLISHED

Description

kinit in KDE Frameworks before 5.23.0 uses weak permissions (644) for /tmp/xauth-xxx-_y, which allows local users to obtain X11 cookies of other users and consequently capture keystrokes and possibly gain privileges by reading the file.

← Browse all CVEs View on cve.org ↗