6.8
CVE-2007-4569
- EPSS 1.02%
- Veröffentlicht 21.09.2007 19:17:00
- Zuletzt bearbeitet 16.06.2026 22:44:20
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
backend/session.c in KDM in KDE 3.3.0 through 3.5.7, when autologin is configured and "shutdown with password" is enabled, allows remote attackers to bypass the password requirement and login to arbitrary accounts via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.02% | 0.587 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 3.1 | 10 |
AV:L/AC:L/Au:S/C:C/I:C/A:C
|
http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html
http://secunia.com/advisories/27271
http://secunia.com/advisories/27089
http://secunia.com/advisories/27096
http://secunia.com/advisories/27106
http://www.redhat.com/support/errata/RHSA-2007-0905.html
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00022.html
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00084.html
http://secunia.com/advisories/26894
http://secunia.com/advisories/26904
http://secunia.com/advisories/26915
http://secunia.com/advisories/26929
http://secunia.com/advisories/26977
http://secunia.com/advisories/27180
http://security.gentoo.org/glsa/glsa-200710-15.xml
http://securitytracker.com/id?1018724
http://www.debian.org/security/2007/dsa-1376
http://www.kde.org/info/security/advisory-20070919-1.txt
http://www.mandriva.com/security/advisories?name=MDKSA-2007:190
http://www.securityfocus.com/bid/25730
http://www.ubuntu.com/usn/usn-517-1
http://www.vupen.com/english/advisories/2007/3227
https://exchange.xforce.ibmcloud.com/vulnerabilities/36711
https://issues.rpath.com/browse/RPL-1725
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10359