VYPR
High severity8.4NVD Advisory· Published Jul 13, 2016· Updated Jun 17, 2026

CVE-2016-3100

CVE-2016-3100

Description

kinit in KDE Frameworks before 5.23.0 uses weak permissions (644) for /tmp/xauth-xxx-_y, which allows local users to obtain X11 cookies of other users and consequently capture keystrokes and possibly gain privileges by reading the file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.