Описание
A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to intercept all keystrokes of a victim user who is using the graphical interface, change the input method engine, or modify other input related configurations of the victim user.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1.5.17-3ubuntu5.3 |
| devel | not-affected | 1.5.22-1~exp1ubuntu1 |
| disco | ignored | end of life |
| eoan | released | 1.5.21-1~exp2ubuntu2.1 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | not-affected | 1.5.17-3ubuntu5.3 |
| esm-infra/xenial | not-affected | 1.5.11-1ubuntu2.4 |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE |
Показывать по
3.6 Low
CVSS2
7.1 High
CVSS3
Связанные уязвимости
A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to intercept all keystrokes of a victim user who is using the graphical interface, change the input method engine, or modify other input related configurations of the victim user.
A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to intercept all keystrokes of a victim user who is using the graphical interface, change the input method engine, or modify other input related configurations of the victim user.
A flaw was discovered in ibus in versions before 1.5.22 that allows an ...
3.6 Low
CVSS2
7.1 High
CVSS3