Lucene search
Ubuntu.comUB:CVE-2013-7436HistoryApr 10, 2015 - 12:00 a.m.
CVE-2013-7436
2015-04-1000:00:00
ubuntu.com
ubuntu.com
6
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.004 Low
EPSS
Percentile
74.7%
noVNC before 0.5 does not set the secure flag for a cookie in an https
session, which makes it easier for remote attackers to capture this cookie
by intercepting its transmission within an http session.
Bugs
Related
cve
cve
CVE-2013-7436
2015-04-10 14:59:00
redhat
redhat
(RHSA-2015:0884) Moderate: novnc security update
2015-04-23 00:00:00
(RHSA-2015:0833) Moderate: novnc security update
2015-04-16 13:12:19
(RHSA-2015:0788) Moderate: novnc security update
2015-04-07 00:00:00
veracode
veracode
Insecure Cookies
2019-01-15 09:05:23
Insecure Cookies
2018-07-18 08:48:48
mageia
mageia
Updated novnc packages fix CVE-2013-7436
2015-04-04 13:45:56
prion
prion
Session fixation
2015-04-10 14:59:00
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0133)
2022-01-28 00:00:00
nessus
nessus
RHEL 6 : novnc (RHSA-2015:0884)
2024-04-27 00:00:00
debiancve
debiancve
CVE-2013-7436
2015-04-10 14:59:00
cvelist
cvelist
CVE-2013-7436
2015-04-10 14:00:00
nvd
nvd
CVE-2013-7436
2015-04-10 14:59:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.004 Low
EPSS
Percentile
74.7%
Related for UB:CVE-2013-7436