Lucene search
MitreCVELIST:CVE-2018-6353HistoryJan 27, 2018 - 3:00 p.m.
CVE-2018-6353
2018-01-2715:00:00
mitre
www.cve.org
3
python
electrum
arbitrary code
social-engineering attacks
physically proximate attacks
bitcoin theft
The Python console in Electrum through 2.9.4 and 3.x through 3.0.5 supports arbitrary Python code without considering (1) social-engineering attacks in which a user pastes code that they do not understand and (2) code pasted by a physically proximate attacker at an unattended workstation, which makes it easier for attackers to steal Bitcoin via hook code that runs at a later time when the wallet password has been entered, a different vulnerability than CVE-2018-1000022.
Related
prion
prion
Code injection
2018-01-27 15:29:00
Authorization
2018-02-09 23:29:00
osv
osv
CVE-2018-6353
2018-01-27 15:29:00
CVE-2018-1000022
2018-02-09 23:29:00
debiancve
debiancve
CVE-2018-6353
2018-01-27 15:29:00
CVE-2018-1000022
2018-02-09 23:29:00
nvd
nvd
CVE-2018-6353
2018-01-27 15:29:00
CVE-2018-1000022
2018-02-09 23:29:00
cve
cve
CVE-2018-6353
2018-01-27 15:29:00
CVE-2018-1000022
2018-02-09 23:29:00
ubuntucve
ubuntucve
CVE-2018-6353
2018-01-27 00:00:00
CVE-2018-1000022
2018-02-09 00:00:00
cvelist
cvelist
CVE-2018-1000022
2018-02-09 23:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: electrum-3.0.6-1.fc27
2018-03-06 17:34:25
nessus
nessus
freebsd
freebsd
electrum -- JSONRPC vulnerability
2018-01-27 00:00:00
openvas
openvas
Fedora Update for electrum FEDORA-2018-4edbabf88a
2018-03-14 00:00:00