Local File Hijacking Vulnerability in aRts and kdelibs
CVE-2015-7543

7HIGH

Key Information:

Vendor: Kde
Status: Kdelibs; Arts
Vendor: CVE Published:; 25 July 2017

What is CVE-2015-7543?

The aRts sound server version 1.5.10 and kdelibs3 version 3.5.10 and earlier have a vulnerability that stems from improper handling of temporary directory creation. This flaw allows local users to exploit the Inter-Process Communication (IPC) by precreating a temporary directory, leading to unauthorized access or modification of user data. Proper safeguards are necessary to mitigate this risk and enhance system security.

References

https://bugzilla.redhat.com/show_bug.cgi?id=1280543

x_refsource_CONFIRM

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 25, 2017
Vulnerability Reserved
Sep 29, 2015

CVE-2015-7543 Data

JSON

Kde

What is CVE-2015-7543?

References

CVSS V3.1

Timeline