CVE-2019-3010

Vulnerability in the Oracle Solaris product of Oracle Systems (component: XScreenSaver). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).

Published: Oct 16, 2019
Updated: Apr 13, 2023
CVE: CVE-2019-3010
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CVSS v2:

Severity: Low
Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
oracle / solaris	11	11.x

http://packetstormsecurity.com/files/154960/Solaris-xscreensaver-Privilege-Escalation.html
http://seclists.org/fulldisclosure/2019/Oct/39
http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

Vulnerability Database

289,599

CVE-2019-3010