Lucene search
HistoryOct 06, 2014 - 11:55 p.m.
CVE-2013-1436
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.4
Confidence
Low
EPSS
0.067
Percentile
93.9%
The XMonad.Hooks.DynamicLog module in xmonad-contrib before 0.11.2 allows remote attackers to execute arbitrary commands via a web page title, which activates the commands when the user clicks on the xmobar window title, as demonstrated using an action tag.
Affected configurations
Node
xmonadxmonad-contrabRange≤0.11.1
ORxmonadxmonad-contrabMatch0.11
| Vendor | Product | Version | CPE |
|---|---|---|---|
| xmonad | xmonad-contrab | * | cpe:2.3:a:xmonad:xmonad-contrab:*:*:*:*:*:*:*:* |
| xmonad | xmonad-contrab | 0.11 | cpe:2.3:a:xmonad:xmonad-contrab:0.11:*:*:*:*:*:*:* |
Related
openvas
openvas
Fedora Update for ghc-X11 FEDORA-2013-13332
2013-08-20 00:00:00
Fedora Update for bluetile FEDORA-2013-13332
2013-08-20 00:00:00
Fedora Update for ghc-xmonad-contrib FEDORA-2013-13332
2013-08-20 00:00:00
cve
cve
CVE-2013-1436
2014-10-06 23:55:05
fedora
fedora
[SECURITY] Fedora 19 Update: ghc-xmonad-contrib-0.11.2-1.fc19
2013-08-06 00:26:00
[SECURITY] Fedora 19 Update: xmobar-0.18-1.fc19
2013-08-06 00:26:01
[SECURITY] Fedora 19 Update: bluetile-0.6-18.fc19
2013-08-06 00:26:01
cvelist
cvelist
CVE-2013-1436
2014-10-06 23:00:00
nessus
nessus
prion
prion
Design/Logic Flaw
2014-10-06 23:55:00
ubuntucve
ubuntucve
CVE-2013-1436
2014-10-06 00:00:00
osv
osv
code injection in xmonad-contrib
2023-06-19 21:35:14
debiancve
debiancve
CVE-2013-1436
2014-10-06 23:55:05
gentoo
gentoo
xmonad-contrib: Arbitrary code execution
2014-05-28 00:00:00
exploitdb
exploitdb
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.4
Confidence
Low
EPSS
0.067
Percentile
93.9%
Related for NVD:CVE-2013-1436