7.8

CVE-2015-3643

Exploit
usb-creator before 0.2.38.3ubuntu0.1 on Ubuntu 12.04 LTS, before 0.2.56.3ubuntu0.1 on Ubuntu 14.04 LTS, before 0.2.62ubuntu0.3 on Ubuntu 14.10, and before 0.2.67ubuntu0.1 on Ubuntu 15.04 allows local users to gain privileges by leveraging a missing call check_polkit for the KVMTest method.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Usb-creator ProjectUsb-creator Version <= 0.2.38.3
   CanonicalUbuntu Linux Version12.04 SwEditionlts
Usb-creator ProjectUsb-creator Version <= 0.2.56.3
   CanonicalUbuntu Linux Version14.04 SwEditionlts
Usb-creator ProjectUsb-creator Version <= 0.2.62ubuntu0.2
   CanonicalUbuntu Linux Version14.10
Usb-creator ProjectUsb-creator Version <= 0.2.67
   CanonicalUbuntu Linux Version15.04
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.53% 0.715
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 4.6 3.9 6.4
AV:L/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.openwall.com/lists/oss-security/2015/04/22/12
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2015/05/04/3
Third Party Advisory
Mailing List
http://www.securityfocus.com/bid/74304
Third Party Advisory
VDB Entry
https://bazaar.launchpad.net/~usb-creator-hackers/usb-creator/trunk/revision/470
Third Party Advisory
https://usn.ubuntu.com/usn/usn-2576-1/
Third Party Advisory
https://usn.ubuntu.com/usn/usn-2576-2/
Third Party Advisory
https://www.exploit-db.com/exploits/36820/
Third Party Advisory
Exploit
VDB Entry