CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
Confidence
High
EPSS
Percentile
89.9%
The gnome-shell plugin 3.4.1 in GNOME allows remote attackers to force the download and installation of arbitrary extensions from extensions.gnome.org via a crafted web page.
Vendor | Product | Version | CPE |
---|---|---|---|
gnome | gnome-shell | 3.4.1 | cpe:2.3:a:gnome:gnome-shell:3.4.1:*:*:*:*:*:*:* |
www.openwall.com/lists/oss-security/2012/09/08/1
www.openwall.com/lists/oss-security/2012/09/13/19
www.openwall.com/lists/oss-security/2012/09/13/26
www.openwall.com/lists/oss-security/2012/09/18/3
www.securityfocus.com/bid/55556
bugzilla.gnome.org/show_bug.cgi?id=684215
bugzilla.novell.com/show_bug.cgi?id=779473