Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2013-7220

Опубликовано: 29 апр. 2014
Источник: nvd
CVSS2: 4.6
EPSS Низкий

Описание

js/ui/screenShield.js in GNOME Shell (aka gnome-shell) before 3.8 allows physically proximate attackers to execute arbitrary commands by leveraging an unattended workstation with the keyboard focus on the Activities search.

Комментарий

Per: https://cwe.mitre.org/data/definitions/77.html

"CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')"

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:gnome:gnome-shell:*:*:*:*:*:*:*:*
Версия до 3.7.92 (включая)
cpe:2.3:a:gnome:gnome-shell:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.0.0.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.0.0.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.1.3:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.1.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.1.90:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.1.90.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.1.91:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.1.91.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.1.92:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.2.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.2.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.3.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.3.3:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.3.5:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.3.90:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.3.91:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.3.92:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.4.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.4.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.4.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.5.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.5.3:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.5.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.5.90:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.5.91:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.5.92:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.6.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.6.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.6.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.6.3:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.6.3.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.7.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.7.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.7.2.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.7.3:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.7.3.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.7.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.7.4.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.7.5:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-shell:3.7.91:*:*:*:*:*:*:*

EPSS

Процентиль: 27%
0.00097
Низкий

4.6 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

ubuntu логотип

CVE-2013-7220

ubuntu
почти 12 лет назад

js/ui/screenShield.js in GNOME Shell (aka gnome-shell) before 3.8 allows physically proximate attackers to execute arbitrary commands by leveraging an unattended workstation with the keyboard focus on the Activities search.

redhat логотип

CVE-2013-7220

redhat
около 12 лет назад

js/ui/screenShield.js in GNOME Shell (aka gnome-shell) before 3.8 allows physically proximate attackers to execute arbitrary commands by leveraging an unattended workstation with the keyboard focus on the Activities search.

debian логотип

CVE-2013-7220

debian
почти 12 лет назад

js/ui/screenShield.js in GNOME Shell (aka gnome-shell) before 3.8 allo ...

github логотип

GHSA-9965-5x5j-j3rf

github
больше 3 лет назад

js/ui/screenShield.js in GNOME Shell (aka gnome-shell) before 3.8 allows physically proximate attackers to execute arbitrary commands by leveraging an unattended workstation with the keyboard focus on the Activities search.

EPSS

Процентиль: 27%
0.00097
Низкий

4.6 Medium

CVSS2

Дефекты

NVD-CWE-Other