Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-7221

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2013-7221
Last Modified 29 Apr 2014 03:03:18
Published 29 Apr 2014 10:38:47
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2013-7221

Summary

The automatic screen lock functionality in GNOME Shell (aka gnome-shell) before 3.10 does not prevent access to the "Enter a Command" dialog, which allows physically proximate attackers to execute arbitrary commands by leveraging an unattended workstation.

Vulnerable Systems

Application

  • Gnome-shell 3.0.0

  • Gnome-shell 3.0.0.1

  • Gnome-shell 3.0.0.2

  • Gnome-shell 3.0.1

  • Gnome-shell 3.0.2

  • Gnome-shell 3.1.3

  • Gnome-shell 3.1.4

  • Gnome-shell 3.1.90

  • Gnome-shell 3.1.90.1

  • Gnome-shell 3.1.91

  • Gnome-shell 3.1.91.1

  • Gnome-shell 3.1.92

  • Gnome-shell 3.2.0

  • Gnome-shell 3.2.1

  • Gnome-shell 3.2.2

  • Gnome-shell 3.2.2.1

  • Gnome-shell 3.3.2

  • Gnome-shell 3.3.3

  • Gnome-shell 3.3.5

  • Gnome-shell 3.3.90

  • Gnome-shell 3.3.91

  • Gnome-shell 3.3.92

  • Gnome-shell 3.4.0

  • Gnome-shell 3.4.1

  • Gnome-shell 3.4.2

  • Gnome-shell 3.5.2

  • Gnome-shell 3.5.3

  • Gnome-shell 3.5.4

  • Gnome-shell 3.5.90

  • Gnome-shell 3.5.91

  • Gnome-shell 3.5.92

  • Gnome-shell 3.6.0

  • Gnome-shell 3.6.1

  • Gnome-shell 3.6.2

  • Gnome-shell 3.6.3

  • Gnome-shell 3.6.3.1

  • Gnome-shell 3.7.1

  • Gnome-shell 3.7.2

  • Gnome-shell 3.7.2.1

  • Gnome-shell 3.7.3

  • Gnome-shell 3.7.3.1

  • Gnome-shell 3.7.4

  • Gnome-shell 3.7.4.1

  • Gnome-shell 3.7.5

  • Gnome-shell 3.7.91

  • Gnome-shell 3.7.92

  • Gnome-shell 3.8.0

  • Gnome-shell 3.8.0.1

  • Gnome-shell 3.8.1

  • Gnome-shell 3.8.2

  • Gnome-shell 3.8.3

  • Gnome-shell 3.8.4

  • Gnome-shell 3.9.1

  • Gnome-shell 3.9.2

  • Gnome-shell 3.9.3

  • Gnome-shell 3.9.4

  • Gnome-shell 3.9.5

  • Gnome-shell 3.9.90

  • Gnome-shell 3.9.91

  • Gnome-shell 3.9.92


References

CONFIRM - https://git.gnome.org/browse/gnome-shell/commit/js/ui/main.js?id=efdf1ff755943fba1f8a9aaeff77daa3ed338088

CONFIRM - https://bugzilla.gnome.org/show_bug.cgi?id=708313

MLIST - [oss-security] 20131227 Re: Two CVE request for gnome-shell/screensaver issues

MLIST - [oss-security] 20131227 Two CVE request for gnome-shell/screensaver issues


Last Updated: 27 May 2016 11:05:06