Novell Home

CVE-2013-4509

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2013-4509 at MITRE

Description

The default configuration of IBUS 1.5.4, and possibly 1.5.2 and earlier, when IBus.InputPurpose.PASSWORD is not set and used with GNOME 3, does not obscure the entered password characters, which allows physically proximate attackers to obtain a user password by reading the lockscreen.

NVD CVSS v2 Base Score: 1.9 (AV:L/AC:M/Au:N/C:P/I:N/A:N)

Novell/SUSE information

Novell Bugzilla entry: 847718

SUSE Security Advisories:

© 2014 Novell