CVE-2020-9759
Published: 23 March 2020
A Vulnerability of LG Electronic web OS TV Emulator could allow an attacker to escalate privileges and overwrite certain files. This vulnerability is due to wrong environment setting. An attacker could exploit this vulnerability through crafted configuration files and executable files.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
weechat Launchpad, Ubuntu, Debian |
bionic |
Released
(1.9.1-1ubuntu1+esm1)
Available with Ubuntu Pro |
| eoan |
Ignored
(end of life)
|
|
| focal |
Not vulnerable
(2.7.1-1)
|
|
| groovy |
Ignored
(end of life)
|
|
| hirsute |
Ignored
(end of life)
|
|
| impish |
Ignored
(end of life)
|
|
| jammy |
Not vulnerable
(2.7.1-1)
|
|
| kinetic |
Ignored
(end of life, was needed)
|
|
| lunar |
Not vulnerable
(3.6-1)
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(2.7.1-1)
|
|
| xenial |
Released
(1.4-2ubuntu0.1+esm1)
Available with Ubuntu Pro |
|
|
Patches: upstream: https://github.com/weechat/weechat/commit/c827d6fa864e2c0b79cea640c45272e83703081e upstream: https://github.com/weechat/weechat/commit/9904cb6d2eb40f679d8ff6557c22d53a3e3dc75a |
||
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 7.8 |
| Attack vector | Local |
| Attack complexity | Low |
| Privileges required | None |
| User interaction | Required |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | High |
| Vector | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |