Vulnerabilities > CVE-2013-7220 - Unspecified vulnerability in Gnome Gnome-Shell

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

js/ui/screenShield.js in GNOME Shell (aka gnome-shell) before 3.8 allows physically proximate attackers to execute arbitrary commands by leveraging an unattended workstation with the keyboard focus on the Activities search.

Vulnerable Configurations

Part Description Count
Application
Gnome
71

Seebug

bulletinFamilyexploit
descriptionBugtraq ID:64546 CVE ID:CVE-2013-7220 gnome是一个linux操作系统的桌面环境, gnome-shell是gnome桌面环境的窗口管理程序。 GNOME gnome-shell用户打开Activities面板或者"Enter a command"对话框(Alt+F2),然后锁屏时存在一个安全漏洞,允许本地攻击者利用漏洞在锁屏上输入任意命令并执行任意命令。 0 GNOME gnome-shell 厂商补丁: GNOME ----- 用户可参考如下厂商提供的安全公告获得补丁信息: https://git.gnome.org/browse/gnome-shell/commit/js/ui/screenShield.js?id=209014b083dbe86ed0e0860a6016735571b56f94
idSSV:61239
last seen2017-11-19
modified2013-12-30
published2013-12-30
reporterRoot
titleGNOME gnome-shell本地任意命令执行漏洞