Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.9
CVSSv2

CVE-2014-1419

Published: 24/07/2014 Updated: 07/01/2017
CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4
VMScore: 614
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Canonical

Vulnerability Summary

Race condition in the power policy functions in policy-funcs in acpi-support prior to 0.142 allows local users to gain privileges via unspecified vectors.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

canonical acpi-support

canonical ubuntu linux 12.04

Vendor Advisories

Ubuntu Security Notice: acpi-support vulnerability
The system could be made to run programs as an administrator ...
Debian Security Advisories: DSA-2984-1 acpi-support -- security update
CESG discovered a root escalation flaw in the acpi-support package An unprivileged user can inject the DBUS_SESSION_BUS_ADDRESS environment variable to run arbitrary commands as root user via the policy-funcs script For the stable distribution (wheezy), this problem has been fixed in version 0140-5+deb7u1 For the testing distribution (jessie), ...

References

CWE-362https://bugs.launchpad.net/ubuntu/%2Bsource/acpi-support/%2Bbug/1340812http://www.ubuntu.com/usn/USN-2297-1http://www.debian.org/security/2014/dsa-2984http://secunia.com/advisories/60319https://usn.ubuntu.com/2297-1/https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook