5.9

CVE-2013-4394

EPSS 0.11%
Veröffentlicht 28.10.2013 22:55:03
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle secalert@redhat.com
CVE-Watchlists
Login
Unerledigt
Login

The SetX11Keyboard function in systemd, when PolicyKit Local Authority (PKLA) is used to change the group permissions on the X Keyboard Extension (XKB) layouts description, allows local users in the group to modify the Xorg X11 Server configuration file and possibly gain privileges via vectors involving "special and control characters."

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Systemd Project ≫ Systemd Version < 194

Debian ≫ Debian Linux Version7.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.11%	0.262

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.9	1.9	9.5	AV:L/AC:H/Au:N/C:C/I:C/A:P

CWE-276 Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

http://www.debian.org/security/2013/dsa-2777

Third Party Advisory

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357

Third Party Advisory

Issue Tracking

http://www.openwall.com/lists/oss-security/2013/10/01/9

Third Party Advisory

Mailing List

https://security.gentoo.org/glsa/201612-34

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=862324

Patch

Third Party Advisory

Issue Tracking

https://nvd.nist.gov/vuln/detail/CVE-2013-4394

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-4394

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-4394

EUVD