Описание
The default configuration of IBUS 1.5.4, and possibly 1.5.2 and earlier, when IBus.InputPurpose.PASSWORD is not set and used with GNOME 3, does not obscure the entered password characters, which allows physically proximate attackers to obtain a user password by reading the lockscreen.
The default configuration of IBUS 1.5.4, and possibly 1.5.2 and earlier, when IBus.InputPurpose.PASSWORD is not set and used with GNOME 3, does not obscure the entered password characters, which allows physically proximate attackers to obtain a user password by reading the lockscreen.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2013-4509
- https://github.com/ibus/ibus-anthy/commit/6aae0a9f145f536515e268dd6b25aa740a5edfe7
- https://bugzilla.redhat.com/show_bug.cgi?id=1027028
- https://code.google.com/p/mozc/issues/attachmentText?id=199&aid=1990002000&name=ibus-mozc_support_ibus-1.5.4_rev2.diff&token=P62umpXGXx68XJT6zyvBA727wqE%3A1383693105690
- https://groups.google.com/forum/#!topic/ibus-user/mvCHDO1BJUw
- https://groups.google.com/forum/#%21topic/ibus-user/mvCHDO1BJUw
- http://lists.opensuse.org/opensuse-updates/2013-11/msg00036.html
- http://lists.opensuse.org/opensuse-updates/2013-12/msg00024.html
- http://lists.opensuse.org/opensuse-updates/2014-01/msg00045.html
EPSS
CVE ID
Связанные уязвимости
The default configuration of IBUS 1.5.4, and possibly 1.5.2 and earlier, when IBus.InputPurpose.PASSWORD is not set and used with GNOME 3, does not obscure the entered password characters, which allows physically proximate attackers to obtain a user password by reading the lockscreen.
The default configuration of IBUS 1.5.4, and possibly 1.5.2 and earlier, when IBus.InputPurpose.PASSWORD is not set and used with GNOME 3, does not obscure the entered password characters, which allows physically proximate attackers to obtain a user password by reading the lockscreen.
The default configuration of IBUS 1.5.4, and possibly 1.5.2 and earlier, when IBus.InputPurpose.PASSWORD is not set and used with GNOME 3, does not obscure the entered password characters, which allows physically proximate attackers to obtain a user password by reading the lockscreen.
The default configuration of IBUS 1.5.4, and possibly 1.5.2 and earlie ...
EPSS