CVE-2008-0162
published 2008-02-22CVE-2008-0162: misc.c in splitvt 1.6.6 and earlier does not drop group privileges before executing xprop, which allows local users to gain privileges.
PriorityP426high7.2CVSS 2.0
AVLACLAuNCCICAC
EPSS
0.35%
26.4th percentile
misc.c in splitvt 1.6.6 and earlier does not drop group privileges before executing xprop, which allows local users to gain privileges.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | splitvt | < splitvt 1.6.6-4 (bookworm) | splitvt 1.6.6-4 (bookworm) |
| sam_lantinga | splitvt | <= 1.6.6 | — |
| sam_lantinga | splitvt | >= 0 < 1.6.6-4 | 1.6.6-4 |
| sam_lantinga | splitvt | >= 0 < 1.6.6-4 | 1.6.6-4 |
| sam_lantinga | splitvt | >= 0 < 1.6.6-4 | 1.6.6-4 |
| sam_lantinga | splitvt | >= 0 < 1.6.6-4 | 1.6.6-4 |
CVSS provenance
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
osv7.2HIGH
vendor_debian7.2HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2008-0162: splitvt - misc.c in splitvt 1.6.6 and earlier does not drop group privileges before execut...
vendor_debian·2008·CVSS 7.2
CVE-2008-0162 [HIGH] CVE-2008-0162: splitvt - misc.c in splitvt 1.6.6 and earlier does not drop group privileges before execut...
misc.c in splitvt 1.6.6 and earlier does not drop group privileges before executing xprop, which allows local users to gain privileges.
Scope: local
bookworm: resolved (fixed in 1.6.6-4)
bullseye: resolved (fixed in 1.6.6-4)
forky: resolved (fixed in 1.6.6-4)
sid: resolved (fixed in 1.6.6-4)
trixie: resolved (fixed in 1.6.6-4)
GHSA
GHSA-42fh-f837-4fj4: misc
ghsa_unreviewed·2022-05-01
CVE-2008-0162 [HIGH] GHSA-42fh-f837-4fj4: misc
misc.c in splitvt 1.6.6 and earlier does not drop group privileges before executing xprop, which allows local users to gain privileges.
OSV
CVE-2008-0162: misc
osv·2008-02-22·CVSS 7.2
CVE-2008-0162 [HIGH] CVE-2008-0162: misc
misc.c in splitvt 1.6.6 and earlier does not drop group privileges before executing xprop, which allows local users to gain privileges.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://secunia.com/advisories/29064http://secunia.com/advisories/29080http://secunia.com/advisories/29190http://security.gentoo.org/glsa/glsa-200803-05.xmlhttp://www.debian.org/security/2008/dsa-1500http://www.securityfocus.com/bid/27936http://secunia.com/advisories/29064http://secunia.com/advisories/29080http://secunia.com/advisories/29190http://security.gentoo.org/glsa/glsa-200803-05.xmlhttp://www.debian.org/security/2008/dsa-1500http://www.securityfocus.com/bid/27936
2008-02-22
Published