CVE-2016-10369
HIGH7.8EPSS 0.02%lxterminal - security update
發布日:2017/5/8修改日:2025/11/19
也稱為:ALPINE-CVE-2016-10369DEBIAN-CVE-2016-10369
描述
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).
受影響套件(3)
- Alpine/lxterminalfrom 0, < 0.3.0-r1
- Debian/lxterminalfrom 0, < 0.3.0-2
- Debian/lxterminalfrom 0, < 0.1.11-4+deb7u1
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.8 | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |