CVE-2022-43752

Published: Oct 31, 2022Modified: Jun 17, 2026

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Oracle Solaris version 10 1/13, when using the Common Desktop Environment (CDE), is vulnerable to a privilege escalation vulnerability. A low privileged user can escalate to root by crafting a malicious printer and double clicking on the the crafted printer's icon.

Affected (1)

Products: Common Desktop Environment Project: Common Desktop Environment

Common Desktop Environment Project

1 product

Common Desktop Environment

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Common Desktop Environment Project Common Desktop Environment	All versions

Running on/with	Platform Versions
Oracle Solaris	Version 10

Related CWEs

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (4)

http://phrack.org/issues/70/13.html#article

Source: cve@mitre.org

ExploitIssue TrackingTechnical DescriptionThird Party Advisory

https://github.com/0xdea/exploits/blob/master/solaris/raptor_dtprintcheckdir_intel.c

Source: cve@mitre.org

ExploitThird Party Advisory

http://phrack.org/issues/70/13.html#article

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitIssue TrackingTechnical DescriptionThird Party Advisory

https://github.com/0xdea/exploits/blob/master/solaris/raptor_dtprintcheckdir_intel.c

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.