CVE-2008-7320 Information

Feb 14, 2021 cve

Description

LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks DISPUTED LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks GNOME Seahorse through 3.30 allows physically proximate attackers to read plaintext passwords by using the quickAllow dialog at an unattended workstation if the keyring is unlocked. NOTE: this is disputed by a software maintainer because the behavior represents a design decision.

CVSS Vector

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Reference

https://bugs.launchpad.net/ubuntu/+source/seahorse/+bug/189774 https://bugs.launchpad.net/ubuntu/+source/seahorse/+bug/189774/comments/13 https://bugzilla.gnome.org/show_bug.cgi?id=551036 https://www.bountysource.com/issues/3849352-seahorse-shows-passwords-without-verification

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

6.8

Share on: