GNOME Seahorse through 3.30 allows physically proximate attackers to read plaintext passwords by using the quickAllow dialog at an unattended workstation, if the keyring is unlocked. NOTE: this is disputed by a software maintainer because the behavior represents a design decision
References
Link | Resource |
---|---|
https://bugs.launchpad.net/ubuntu/+source/seahorse/+bug/189774 | Issue Tracking Third Party Advisory |
https://bugs.launchpad.net/ubuntu/+source/seahorse/+bug/189774/comments/13 | Issue Tracking Third Party Advisory |
https://bugzilla.gnome.org/show_bug.cgi?id=551036 | Issue Tracking Vendor Advisory |
https://www.bountysource.com/issues/3849352-seahorse-shows-passwords-without-verification | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:13:53
Updated: 2022-10-03T16:13:53
Reserved: 2022-10-03T00:00:00
Link: CVE-2008-7320
JSON object: View
NVD Information
Status : Modified
Published: 2018-11-18T19:29:00.220
Modified: 2024-05-17T00:42:02.483
Link: CVE-2008-7320
JSON object: View
Redhat Information
No data.
CWE