Lucene search
Gentoo FoundationMGASA-2015-0133HistoryApr 04, 2015 - 1:45 p.m.
Updated novnc packages fix CVE-2013-7436
2015-04-0413:45:56
Gentoo Foundation
advisories.mageia.org
8
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.004 Low
EPSS
Percentile
74.7%
Updated novnc package fixes security vulnerability: noVNC before 0.5.1 allows an attacker to steal insecurely set session token cookies, hijacking active or inactive VNC sessions (CVE-2013-7436).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 4 | noarch | novnc | < 0.4-9.2 | novnc-0.4-9.2.mga4 |
Related
redhat
redhat
(RHSA-2015:0788) Moderate: novnc security update
2015-04-07 00:00:00
(RHSA-2015:0884) Moderate: novnc security update
2015-04-23 00:00:00
(RHSA-2015:0833) Moderate: novnc security update
2015-04-16 13:12:19
ubuntucve
ubuntucve
CVE-2013-7436
2015-04-10 00:00:00
debiancve
debiancve
CVE-2013-7436
2015-04-10 14:59:00
cve
cve
CVE-2013-7436
2015-04-10 14:59:00
veracode
veracode
Insecure Cookies
2019-01-15 09:05:23
Insecure Cookies
2018-07-18 08:48:48
prion
prion
Session fixation
2015-04-10 14:59:00
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0133)
2022-01-28 00:00:00
nessus
nessus
RHEL 6 : novnc (RHSA-2015:0884)
2024-04-27 00:00:00
cvelist
cvelist
CVE-2013-7436
2015-04-10 14:00:00
nvd
nvd
CVE-2013-7436
2015-04-10 14:59:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.004 Low
EPSS
Percentile
74.7%
Related for MGASA-2015-0133