FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
848bdd06-f93a-11eb-9f7d-206a8a720317x11/cde -- Local privilege escalation via CDE dtsession

Marco Ivaldi (marco.ivaldi () mediaservice net) reports:

A buffer overflow in the CheckMonitor() function in the Common Desktop Environment 2.3.1 and earlier and 1.6 and earlier, as distributed with Oracle Solaris 10 1/13 (Update 11) and earlier, allows local users to gain root privileges via a long palette name passed to dtsession in a malicious .Xdefaults file.


Discovery 2020-01-15
Entry 2021-08-09
cde
lt 2.4.0

CVE-2020-2696
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2696