Lucene search
GoogleOSV:HSEC-2023-0003HistoryJun 19, 2023 - 9:35 p.m.
code injection in xmonad-contrib
2023-06-1921:35:14
Google
osv.dev
6
xmonad
code injection
security vulnerability
dynamiclog
remote attackers
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.5
Confidence
Low
EPSS
0.067
Percentile
93.9%
code injection in xmonad-contrib
The XMonad.Hooks.DynamicLog module in xmonad-contrib before
0.11.2 allows remote attackers to execute arbitrary commands via a
web page title, which activates the commands when the user clicks on
the xmobar window title, as demonstrated using an action tag.
Related
openvas
openvas
Fedora Update for ghc-X11 FEDORA-2013-13332
2013-08-20 00:00:00
Fedora Update for bluetile FEDORA-2013-13332
2013-08-20 00:00:00
Fedora Update for ghc-xmonad-contrib FEDORA-2013-13332
2013-08-20 00:00:00
cve
cve
CVE-2013-1436
2014-10-06 23:55:05
cvelist
cvelist
CVE-2013-1436
2014-10-06 23:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: ghc-xmonad-contrib-0.11.2-1.fc19
2013-08-06 00:26:00
[SECURITY] Fedora 19 Update: xmobar-0.18-1.fc19
2013-08-06 00:26:01
[SECURITY] Fedora 19 Update: bluetile-0.6-18.fc19
2013-08-06 00:26:01
nessus
nessus
nvd
nvd
CVE-2013-1436
2014-10-06 23:55:05
prion
prion
Design/Logic Flaw
2014-10-06 23:55:00
ubuntucve
ubuntucve
CVE-2013-1436
2014-10-06 00:00:00
gentoo
gentoo
xmonad-contrib: Arbitrary code execution
2014-05-28 00:00:00
debiancve
debiancve
CVE-2013-1436
2014-10-06 23:55:05
exploitdb
exploitdb
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.5
Confidence
Low
EPSS
0.067
Percentile
93.9%
Related for OSV:HSEC-2023-0003