Vulnerability Details : CVE-2013-7220
js/ui/screenShield.js in GNOME Shell (aka gnome-shell) before 3.8 allows physically proximate attackers to execute arbitrary commands by leveraging an unattended workstation with the keyboard focus on the Activities search.
Exploit prediction scoring system (EPSS) score for CVE-2013-7220
Probability of exploitation activity in the next 30 days: 0.06%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 25 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2013-7220
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
4.6
|
MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
3.9
|
6.4
|
NIST |
References for CVE-2013-7220
-
http://www.openwall.com/lists/oss-security/2013/12/27/6
oss-security - Re: Re: Two CVE request for gnome-shell/screensaver issues
-
http://www.openwall.com/lists/oss-security/2013/12/27/8
oss-security - Re: Two CVE request for gnome-shell/screensaver issues
-
https://bugzilla.redhat.com/show_bug.cgi?id=1030431
1030431 – (CVE-2013-7220) CVE-2013-7220 gnome-shell: blind command execution via activities search keyboard focus
-
https://bugzilla.gnome.org/show_bug.cgi?id=686740
Bug 686740 – difficult to transition to the new lock screen
-
http://www.openwall.com/lists/oss-security/2013/12/27/4
oss-security - Two CVE request for gnome-shell/screensaver issues
-
https://github.com/o2platform/DefCon_RESTing/tree/master/Live-Demos/Neo4j
DefCon_RESTing/Live-Demos/Neo4j at master · o2platform/DefCon_RESTing · GitHub
Products affected by CVE-2013-7220
- cpe:2.3:a:gnome:gnome-shell:*:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.7.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.7.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.6.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.3.92:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.3.91:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.3.90:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.0.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.7.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.7.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.2.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.1.90.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.7.91:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.7.5:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.5.91:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.5.90:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.1.92:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.1.91.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.1.91:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.7.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.7.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.5.92:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.1.90:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gnome-shell:3.0.0:*:*:*:*:*:*:*