ALT-PU-2020-1842-1

Package update ibus in branch p9

Version1.5.22-alt2

Published2020-04-22

Max severityHIGH

Severity:

Closed issues (2)

HIGH7.1

Уязвимость системы ввода для записи нескольких языков в Unix-подобных операционных системах ibus, позволяющая нарушителю получить несанкционированный доступ к информации и нарушить ее целостность

Published: 2020-05-13Modified: 2023-11-21

CVSS 3.xHIGH 7.1

CVSS:3.x/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CVSS 2.0MEDIUM 6.6

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:N

References

CVE-2019-14822

HIGH7.1

A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to intercept all keystrokes of a victim user who is using the graphical interface, change the input method engine, or modify other input related configurations of the victim user.

Published: 2019-11-25Modified: 2024-11-21

CVSS 2.0LOW 3.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:N

CVSS 3.xHIGH 7.1

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

References

Closed bugs (1)

Независимые данные не отделены