cbcvebase.
CVE-2008-0162
published 2008-02-22

CVE-2008-0162: misc.c in splitvt 1.6.6 and earlier does not drop group privileges before executing xprop, which allows local users to gain privileges.

PriorityP426high7.2CVSS 2.0
AVLACLAuNCCICAC
EPSS
0.35%
26.4th percentile
misc.c in splitvt 1.6.6 and earlier does not drop group privileges before executing xprop, which allows local users to gain privileges.

Affected

6 ranges
VendorProductVersion rangeFixed in
debiansplitvt< splitvt 1.6.6-4 (bookworm)splitvt 1.6.6-4 (bookworm)
sam_lantingasplitvt<= 1.6.6
sam_lantingasplitvt>= 0 < 1.6.6-41.6.6-4
sam_lantingasplitvt>= 0 < 1.6.6-41.6.6-4
sam_lantingasplitvt>= 0 < 1.6.6-41.6.6-4
sam_lantingasplitvt>= 0 < 1.6.6-41.6.6-4

CVSS provenance

nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
osv7.2HIGH
vendor_debian7.2HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.