CVE-2020-2696 - Vulnerability Details - OpenCVE

ReportizFlow

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Common Desktop Environment). The supported version that is affected is 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Oracle	Solaris

Configuration 1 [-]

cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://packetstormsecurity.com/files/155963/SunOS-5.10-Generic_147148-26-Local-Privilege-Escalation.html
http://packetstormsecurity.com/files/155991/Common-Desktop-Environment-2.3.1-Buffer-Overflow.html
http://seclists.org/fulldisclosure/2020/Jan/24
http://www.openwall.com/lists/oss-security/2020/01/20/2
https://seclists.org/bugtraq/2020/Jan/22
https://www.oracle.com/security-alerts/cpujan2020.html

History

Mon, 30 Sep 2024 15:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: oracle

Published: 2020-01-15T16:34:07

Updated: 2024-09-30T14:51:10.572Z

Reserved: 2019-12-10T00:00:00

Link: CVE-2020-2696

Vulnrichment

Updated: 2024-08-04T07:17:01.595Z

NVD

Status : Modified

Published: 2020-01-15T17:15:26.753

Modified: 2024-11-21T05:26:01.650

Link: CVE-2020-2696

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Solaris Operating System", "vendor": "Oracle Corporation", "versions": [{"status": "affected", "version": "10"}]}], "descriptions": [{"lang": "en", "value": "Vulnerability in the Oracle Solaris product of Oracle Systems (component: Common Desktop Environment). The supported version that is affected is 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris.", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-01-20T12:06:20", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/security-alerts/cpujan2020.html"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/155963/SunOS-5.10-Generic_147148-26-Local-Privilege-Escalation.html"}, {"name": "20200117 CVE-2020-2696 - Local privilege escalation via CDE dtsession", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "https://seclists.org/bugtraq/2020/Jan/22"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/155991/Common-Desktop-Environment-2.3.1-Buffer-Overflow.html"}, {"name": "20200117 CVE-2020-2696 - Local privilege escalation via CDE dtsession", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2020/Jan/24"}, {"name": "[oss-security] 20200120 CVE-2020-2656, CVE-2020-2696 - Multiple vulnerabilities in Oracle Solaris", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2020/01/20/2"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2020-2696", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Solaris Operating System", "version": {"version_data": [{"version_affected": "=", "version_value": "10"}]}}]}, "vendor_name": "Oracle Corporation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Vulnerability in the Oracle Solaris product of Oracle Systems (component: Common Desktop Environment). The supported version that is affected is 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)."}]}, "impact": {"cvss": {"baseScore": "8.8", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris."}]}]}, "references": {"reference_data": [{"name": "https://www.oracle.com/security-alerts/cpujan2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2020.html"}, {"name": "http://packetstormsecurity.com/files/155963/SunOS-5.10-Generic_147148-26-Local-Privilege-Escalation.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/155963/SunOS-5.10-Generic_147148-26-Local-Privilege-Escalation.html"}, {"name": "20200117 CVE-2020-2696 - Local privilege escalation via CDE dtsession", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2020/Jan/22"}, {"name": "http://packetstormsecurity.com/files/155991/Common-Desktop-Environment-2.3.1-Buffer-Overflow.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/155991/Common-Desktop-Environment-2.3.1-Buffer-Overflow.html"}, {"name": "20200117 CVE-2020-2696 - Local privilege escalation via CDE dtsession", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2020/Jan/24"}, {"name": "[oss-security] 20200120 CVE-2020-2656, CVE-2020-2696 - Multiple vulnerabilities in Oracle Solaris", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2020/01/20/2"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T07:17:01.595Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/security-alerts/cpujan2020.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/155963/SunOS-5.10-Generic_147148-26-Local-Privilege-Escalation.html"}, {"name": "20200117 CVE-2020-2696 - Local privilege escalation via CDE dtsession", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "https://seclists.org/bugtraq/2020/Jan/22"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/155991/Common-Desktop-Environment-2.3.1-Buffer-Overflow.html"}, {"name": "20200117 CVE-2020-2696 - Local privilege escalation via CDE dtsession", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2020/Jan/24"}, {"name": "[oss-security] 20200120 CVE-2020-2656, CVE-2020-2696 - Multiple vulnerabilities in Oracle Solaris", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2020/01/20/2"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-30T14:42:00.230254Z", "id": "CVE-2020-2696", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-30T14:51:10.572Z"}}]}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2020-2696", "datePublished": "2020-01-15T16:34:07", "dateReserved": "2019-12-10T00:00:00", "dateUpdated": "2024-09-30T14:51:10.572Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.oracle.com/security-alerts/cpujan2020.html", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "http://packetstormsecurity.com/files/155963/SunOS-5.10-Generic_147148-26-Local-Privilege-Escalation.html", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://seclists.org/bugtraq/2020/Jan/22", "name": "20200117 CVE-2020-2696 - Local privilege escalation via CDE dtsession", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"]}, {"url": "http://packetstormsecurity.com/files/155991/Common-Desktop-Environment-2.3.1-Buffer-Overflow.html", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2020/Jan/24", "name": "20200117 CVE-2020-2696 - Local privilege escalation via CDE dtsession", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2020/01/20/2", "name": "[oss-security] 20200120 CVE-2020-2656, CVE-2020-2696 - Multiple vulnerabilities in Oracle Solaris", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T07:17:01.595Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2020-2696", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-09-30T14:42:00.230254Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-30T14:44:14.375Z"}}], "cna": {"metrics": [{"cvssV3_0": {"scope": "CHANGED", "version": "3.0", "baseScore": 8.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Oracle Corporation", "product": "Solaris Operating System", "versions": [{"status": "affected", "version": "10"}]}], "references": [{"url": "https://www.oracle.com/security-alerts/cpujan2020.html", "tags": ["x_refsource_MISC"]}, {"url": "http://packetstormsecurity.com/files/155963/SunOS-5.10-Generic_147148-26-Local-Privilege-Escalation.html", "tags": ["x_refsource_MISC"]}, {"url": "https://seclists.org/bugtraq/2020/Jan/22", "name": "20200117 CVE-2020-2696 - Local privilege escalation via CDE dtsession", "tags": ["mailing-list", "x_refsource_BUGTRAQ"]}, {"url": "http://packetstormsecurity.com/files/155991/Common-Desktop-Environment-2.3.1-Buffer-Overflow.html", "tags": ["x_refsource_MISC"]}, {"url": "http://seclists.org/fulldisclosure/2020/Jan/24", "name": "20200117 CVE-2020-2696 - Local privilege escalation via CDE dtsession", "tags": ["mailing-list", "x_refsource_FULLDISC"]}, {"url": "http://www.openwall.com/lists/oss-security/2020/01/20/2", "name": "[oss-security] 20200120 CVE-2020-2656, CVE-2020-2696 - Multiple vulnerabilities in Oracle Solaris", "tags": ["mailing-list", "x_refsource_MLIST"]}], "descriptions": [{"lang": "en", "value": "Vulnerability in the Oracle Solaris product of Oracle Systems (component: Common Desktop Environment). The supported version that is affected is 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris."}]}], "providerMetadata": {"orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle", "dateUpdated": "2020-01-20T12:06:20"}, "x_legacyV4Record": {"impact": {"cvss": {"version": "3.0", "baseScore": "8.8", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "10", "version_affected": "="}]}, "product_name": "Solaris Operating System"}]}, "vendor_name": "Oracle Corporation"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "https://www.oracle.com/security-alerts/cpujan2020.html", "name": "https://www.oracle.com/security-alerts/cpujan2020.html", "refsource": "MISC"}, {"url": "http://packetstormsecurity.com/files/155963/SunOS-5.10-Generic_147148-26-Local-Privilege-Escalation.html", "name": "http://packetstormsecurity.com/files/155963/SunOS-5.10-Generic_147148-26-Local-Privilege-Escalation.html", "refsource": "MISC"}, {"url": "https://seclists.org/bugtraq/2020/Jan/22", "name": "20200117 CVE-2020-2696 - Local privilege escalation via CDE dtsession", "refsource": "BUGTRAQ"}, {"url": "http://packetstormsecurity.com/files/155991/Common-Desktop-Environment-2.3.1-Buffer-Overflow.html", "name": "http://packetstormsecurity.com/files/155991/Common-Desktop-Environment-2.3.1-Buffer-Overflow.html", "refsource": "MISC"}, {"url": "http://seclists.org/fulldisclosure/2020/Jan/24", "name": "20200117 CVE-2020-2696 - Local privilege escalation via CDE dtsession", "refsource": "FULLDISC"}, {"url": "http://www.openwall.com/lists/oss-security/2020/01/20/2", "name": "[oss-security] 20200120 CVE-2020-2656, CVE-2020-2696 - Multiple vulnerabilities in Oracle Solaris", "refsource": "MLIST"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "Vulnerability in the Oracle Solaris product of Oracle Systems (component: Common Desktop Environment). The supported version that is affected is 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris."}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2020-2696", "STATE": "PUBLIC", "ASSIGNER": "[email protected]"}}}}, "cveMetadata": {"cveId": "CVE-2020-2696", "state": "PUBLISHED", "dateUpdated": "2024-09-30T14:51:10.572Z", "dateReserved": "2019-12-10T00:00:00", "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "datePublished": "2020-01-15T16:34:07", "assignerShortName": "oracle"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*", "matchCriteriaId": "964B57CD-CB8A-4520-B358-1C93EC5EF2DC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Vulnerability in the Oracle Solaris product of Oracle Systems (component: Common Desktop Environment). The supported version that is affected is 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)."}, {"lang": "es", "value": "Vulnerabilidad en el producto Oracle Solaris de Oracle Systems (componente: Common Desktop Environment). La versi\u00f3n compatible que est\u00e1 afectada es la 10. Una vulnerabilidad f\u00e1cilmente explotable permite a un atacante poco privilegiado con inicio de sesi\u00f3n en la infraestructura donde se ejecuta Oracle Solaris comprometer a Oracle Solaris. Aunque la vulnerabilidad ocurre en Oracle Solaris, los ataques pueden impactar significativamente a productos adicionales. Los ataques con \u00e9xito de esta vulnerabilidad pueden resultar en una toma de control de Oracle Solaris. Puntuaci\u00f3n b\u00e1sica 8.8 de CVSS 3.0 (Impactos en la Confidencialidad, Integridad y Disponibilidad). Vector CVSS: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)."}], "id": "CVE-2020-2696", "lastModified": "2024-11-21T05:26:01.650", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.0, "impactScore": 6.0, "source": "[email protected]", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.0, "impactScore": 6.0, "source": "[email protected]", "type": "Primary"}]}, "published": "2020-01-15T17:15:26.753", "references": [{"source": "[email protected]", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/155963/SunOS-5.10-Generic_147148-26-Local-Privilege-Escalation.html"}, {"source": "[email protected]", "tags": ["Exploit", "Patch", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/155991/Common-Desktop-Environment-2.3.1-Buffer-Overflow.html"}, {"source": "[email protected]", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2020/Jan/24"}, {"source": "[email protected]", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2020/01/20/2"}, {"source": "[email protected]", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "https://seclists.org/bugtraq/2020/Jan/22"}, {"source": "[email protected]", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.oracle.com/security-alerts/cpujan2020.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/155963/SunOS-5.10-Generic_147148-26-Local-Privilege-Escalation.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/155991/Common-Desktop-Environment-2.3.1-Buffer-Overflow.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2020/Jan/24"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2020/01/20/2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "https://seclists.org/bugtraq/2020/Jan/22"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.oracle.com/security-alerts/cpujan2020.html"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "[email protected]", "type": "Primary"}]}