CVE-2016-10323

Sažetak

Synology Photo Station before 6.3-2958 allows local users to gain privileges by leveraging setuid execution of a "synophoto_dsm_user --copy-no-ea" command.

Reference

http://seclists.org/oss-sec/2016/q1/236
https://www.synology.com/en-us/releaseNote/PhotoStation

CVSS

Base:	7.2
Impact:	10.0
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

13-06-2018 - 12:20

Objavljeno

10-04-2017 - 18:59