6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
6.9 Medium
AI Score
Confidence
Low
0.024 Low
EPSS
Percentile
90.0%
The gnome-shell plugin 3.4.1 in GNOME allows remote attackers to force the download and installation of arbitrary extensions from extensions.gnome.org via a crafted web page.
CPE | Name | Operator | Version |
---|---|---|---|
gnome:gnome-shell | gnome gnome-shell | eq | 3.4.1 |
www.openwall.com/lists/oss-security/2012/09/08/1
www.openwall.com/lists/oss-security/2012/09/13/19
www.openwall.com/lists/oss-security/2012/09/13/26
www.openwall.com/lists/oss-security/2012/09/18/3
www.securityfocus.com/bid/55556
bugzilla.gnome.org/show_bug.cgi?id=684215
bugzilla.novell.com/show_bug.cgi?id=779473