Remote Code Execution Vulnerability in GNOME Shell Plugin by GNOME
CVE-2012-4427

Currently unrated

Key Information:

Vendor: Gnome
Status: Gnome-shell
Vendor: CVE Published:; 1 October 2012

What is CVE-2012-4427?

The GNOME Shell Plugin version 3.4.1 is susceptible to a vulnerability that can be exploited by remote attackers. This flaw enables unauthorized users to manipulate the gnome-shell environment, forcing the download and installation of malicious extensions from extensions.gnome.org through obscure crafted web pages. Successful exploitation may compromise user data and system integrity, making it essential for users to ensure that their systems are protected against this threat.

References

https://bugzilla.novell.com/show_bug.cgi?id=779473

x_refsource_MISC

https://bugzilla.gnome.org/show_bug.cgi?id=684215

x_refsource_MISC

http://www.openwall.com/lists/oss-security/2012/09/13/19

mailing-listx_refsource_MLIST

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 1, 2012
Vulnerability Reserved
Aug 21, 2012

Gnome

What is CVE-2012-4427?

References

Timeline