Vulnerability identifier: #VU67606
Vulnerability risk: Low
Exploitation vector: Local
Exploit availability: Yes
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper input validation in the window manager. A local unprivileged user can inject and execute arbitrary OS commands with root privileges.
Install updates from vendor's website.
Vulnerable software versions
Enlightenment: 0.17.0 - 0.25.3-2
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?