[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2013-7374Date: (C)2014-05-02   (M)2023-12-22


The Ubuntu Date and Time Indicator (aka indicator-datetime) 13.10.0+13.10.x before 13.10.0+13.10.20131023.2-0ubuntu1.1 does not properly restrict access to Evolution, which allows local users to bypass the greeter screen restrictions by clicking the date.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.6
Exploit Score: 3.9
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
USN-2186-1
http://www.openwall.com/lists/oss-security/2014/04/29/3
http://www.openwall.com/lists/oss-security/2014/04/30/1
http://bazaar.launchpad.net/~indicator-applet-developers/indicator-datetime/trunk.13.10/revision/282
https://bugs.launchpad.net/ubuntu/%2Bsource/indicator-datetime/%2Bbug/1246812

CPE    1
cpe:/o:canonical:ubuntu_linux:13.10
CWE    1
CWE-264
OVAL    1
oval:org.secpod.oval:def:701659

© SecPod Technologies