Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-43752

Oracle Solaris version 10 1/13, when using the Common Desktop Environment (CDE), is vulnerable to a privilege escalation vulnerability. A low privileged user can escalate to root by crafting a malicious printer and double clicking on the the crafted printer's icon.

Published

2022-10-31T21:15:13.363

Last Modified

2025-05-06T19:15:57.730

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

Weaknesses

Type: Primary
CWE-120
Type: Secondary
CWE-120

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	common_desktop_environment_project	_common_desktop_environment	-	Yes
Operating System	oracle	solaris	10	No

References

http://phrack.org/issues/70/13.html#article Exploit, Issue Tracking, Technical Description, Third Party Advisory ([email protected])
https://github.com/0xdea/exploits/blob/master/solaris/raptor_dtprintcheckdir_intel.c Exploit, Third Party Advisory ([email protected])
http://phrack.org/issues/70/13.html#article Exploit, Issue Tracking, Technical Description, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/0xdea/exploits/blob/master/solaris/raptor_dtprintcheckdir_intel.c Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)