1. CVE-Search
  2. CVE-2013-4509
ID CVE-2013-4509
Summary The default configuration of IBUS 1.5.4, and possibly 1.5.2 and earlier, when IBus.InputPurpose.PASSWORD is not set and used with GNOME 3, does not obscure the entered password characters, which allows physically proximate attackers to obtain a user password by reading the lockscreen.
References
Vulnerable Configurations
  • cpe:2.3:a:ibus_project:ibus:1.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:-:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:-:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:0.1.0.20080810:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:0.1.0.20080810:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:0.1.1.20080812:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:0.1.1.20080812:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:0.1.1.20080815:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:0.1.1.20080815:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:0.1.1.20080821:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:0.1.1.20080821:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:0.1.1.20080823:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:0.1.1.20080823:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:0.1.1.20080830:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:0.1.1.20080830:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:0.1.1.20081023:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:0.1.1.20081023:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.1.0.20090211:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.1.0.20090211:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.1.0.20090217:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.1.0.20090217:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.1.0.20090225:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.1.0.20090225:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.1.0.20090306:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.1.0.20090306:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.1.0.20090311:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.1.0.20090311:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.1.0.20090331:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.1.0.20090331:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.1.0.20090407:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.1.0.20090407:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.1.0.20090413:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.1.0.20090413:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.1.0.20090417:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.1.0.20090417:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.1.0.20090423:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.1.0.20090423:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.1.0.20090508:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.1.0.20090508:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.1.0.20090531:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.1.0.20090531:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.1.0.20090609:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.1.0.20090609:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.1.0.20090612:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.1.0.20090612:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.1.0.20090812:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.1.0.20090812:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.1.0.20090829:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.1.0.20090829:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.2.0.20090617:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.2.0.20090617:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.2.0.20090719:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.2.0.20090719:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.2.0.20090722:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.2.0.20090722:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.2.0.20090723:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.2.0.20090723:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.2.0.20090806:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.2.0.20090806:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.2.0.20090807:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.2.0.20090807:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.2.0.20090810:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.2.0.20090810:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.2.0.20090812:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.2.0.20090812:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.2.0.20090828:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.2.0.20090828:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.2.0.20090904:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.2.0.20090904:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.2.0.20090915:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.2.0.20090915:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.2.0.20090927:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.2.0.20090927:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.2.0.20091014:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.2.0.20091014:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.2.0.20091024:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.2.0.20091024:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.2.0.20091124:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.2.0.20091124:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.2.0.20091204:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.2.0.20091204:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.2.0.20091215:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.2.0.20091215:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.2.0.20091225:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.2.0.20091225:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.2.0.20100111:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.2.0.20100111:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.2.99.20100202:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.2.99.20100202:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.2.99.20100322:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.2.99.20100322:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.3.5:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.3.6:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.3.7:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.3.7:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.3.8:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.3.8:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.3.9:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.3.9:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.4.99.20121006:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.4.99.20121006:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.4.99.20121109:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.4.99.20121109:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibus_project:ibus:1.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibus_project:ibus:1.5.2:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
CVSS
Base: 1.9 (as of 13-02-2023 - 04:47)
Impact:
Exploitability:
CWE CWE-255
CAPEC
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:L/AC:M/Au:N/C:P/I:N/A:N
refmap via4
confirm
misc https://groups.google.com/forum/#!topic/ibus-user/mvCHDO1BJUw
suse
  • openSUSE-SU-2013:1686
  • openSUSE-SU-2013:1825
  • openSUSE-SU-2014:0068
Last major update 13-02-2023 - 04:47
Published 23-11-2013 - 19:55
Last modified 13-02-2023 - 04:47
Back to Top