CVE-2013-7221

Severity

46%

Complexity

39%

Confidentiality

106%

The automatic screen lock functionality in GNOME Shell (aka gnome-shell) before 3.10 does not prevent access to the "Enter a Command" dialog, which allows physically proximate attackers to execute arbitrary commands by leveraging an unattended workstation.

The automatic screen lock functionality in GNOME Shell (aka gnome-shell) before 3.10 does not prevent access to the "Enter a Command" dialog, which allows physically proximate attackers to execute arbitrary commands by leveraging an unattended workstation.

CVSS 2.0 Base Score 4.6. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:P/I:P/A:P).

Overview

Type

GNOME gnome-shell

First reported 10 years ago

2014-04-29 14:38:00

Last updated 10 years ago

2014-04-29 19:03:00

Affected Software

GNOME gnome-shell 3.0.0

3.0.0

GNOME gnome-shell 3.0.0.1

3.0.0.1

GNOME gnome-shell 3.0.0.2

3.0.0.2

GNOME gnome-shell 3.0.1

3.0.1

GNOME gnome-shell 3.0.2

3.0.2

GNOME gnome-shell 3.1.3

3.1.3

GNOME gnome-shell 3.1.4

3.1.4

GNOME gnome-shell 3.1.90

3.1.90

GNOME gnome-shell 3.1.90.1

3.1.90.1

GNOME gnome-shell 3.1.91

3.1.91

GNOME gnome-shell 3.1.91.1

3.1.91.1

GNOME gnome-shell 3.1.92

3.1.92

GNOME gnome-shell 3.2.0

3.2.0

GNOME gnome-shell 3.2.1

3.2.1

GNOME gnome-shell 3.2.2

3.2.2

GNOME gnome-shell 3.2.2.1

3.2.2.1

GNOME gnome-shell 3.3.2

3.3.2

GNOME gnome-shell 3.3.3

3.3.3

GNOME gnome-shell 3.3.5

3.3.5

GNOME gnome-shell 3.3.90

3.3.90

GNOME gnome-shell 3.3.91

3.3.91

GNOME gnome-shell 3.3.92

3.3.92

GNOME gnome-shell 3.4.0

3.4.0

GNOME gnome-shell 3.4.1

3.4.1

GNOME gnome-shell 3.4.2

3.4.2

GNOME gnome-shell 3.5.2

3.5.2

GNOME gnome-shell 3.5.3

3.5.3

GNOME gnome-shell 3.5.4

3.5.4

GNOME gnome-shell 3.5.90

3.5.90

GNOME gnome-shell 3.5.91

3.5.91

GNOME gnome-shell 3.5.92

3.5.92

GNOME gnome-shell 3.6.0

3.6.0

GNOME gnome-shell 3.6.1

3.6.1

GNOME gnome-shell 3.6.2

3.6.2

GNOME gnome-shell 3.6.3

3.6.3

GNOME gnome-shell 3.6.3.1

3.6.3.1

GNOME gnome-shell 3.7.1

3.7.1

GNOME gnome-shell 3.7.2

3.7.2

GNOME gnome-shell 3.7.2.1

3.7.2.1

GNOME gnome-shell 3.7.3

3.7.3

GNOME gnome-shell 3.7.3.1

3.7.3.1

GNOME gnome-shell 3.7.4

3.7.4

GNOME gnome-shell 3.7.4.1

3.7.4.1

GNOME gnome-shell 3.7.5

3.7.5

GNOME gnome-shell 3.7.91

3.7.91

GNOME gnome-shell 3.7.92

3.7.92

GNOME gnome-shell 3.8.0

3.8.0

GNOME gnome-shell 3.8.0.1

3.8.0.1

GNOME gnome-shell 3.8.1

3.8.1

GNOME gnome-shell 3.8.2

3.8.2

GNOME gnome-shell 3.8.3

3.8.3

GNOME gnome-shell 3.8.4

3.8.4

GNOME gnome-shell 3.9.1

3.9.1

GNOME gnome-shell 3.9.2

3.9.2

GNOME gnome-shell 3.9.3

3.9.3

GNOME gnome-shell 3.9.4

3.9.4

GNOME gnome-shell 3.9.5

3.9.5

GNOME gnome-shell 3.9.90

3.9.90

GNOME gnome-shell 3.9.91

3.9.91

References

[oss-security] 20131227 Two CVE request for gnome-shell/screensaver issues

[oss-security] 20131227 Re: Two CVE request for gnome-shell/screensaver issues

https://bugzilla.gnome.org/show_bug.cgi?id=708313

https://git.gnome.org/browse/gnome-shell/commit/js/ui/main.js?id=efdf1ff755943fba1f8a9aaeff77daa3ed338088

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.