CVE-2014-0484 : The Debian acpi-support package before 0.140-5+deb7u3 allows local users to gain

The Debian acpi-support package before 0.140-5+deb7u3 allows local users to gain privileges via vectors related to the "user's environment."

Published 2014-09-22 15:55:07

Updated 2014-09-24 18:50:33

Source Debian GNU/Linux

View at NVD, CVE.org

Products affected by CVE-2014-0484

Canonical » Acpi-support » Version: 0.140
cpe:2.3:a:canonical:acpi-support:0.140:*:*:*:*:*:*:*
Matching versions

EPSS FAQ

0.14%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 32 %

Percentile, the proportion of vulnerabilities that are scored at or less

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

http://www.debian.org/security/2014/dsa-3020

Debian -- Security Information -- DSA-3020-1 acpi-support

Jump to