Unrated severityNVD Advisory· Published Nov 23, 2013· Updated Jun 16, 2026
CVE-2013-4509
CVE-2013-4509
Description
The default configuration of IBUS 1.5.4, and possibly 1.5.2 and earlier, when IBus.InputPurpose.PASSWORD is not set and used with GNOME 3, does not obscure the entered password characters, which allows physically proximate attackers to obtain a user password by reading the lockscreen.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:ibus_project:ibus:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:ibus_project:ibus:*:*:*:*:*:*:*:*range: <=1.5.2
- cpe:2.3:a:ibus_project:ibus:1.5.4:*:*:*:*:*:*:*
- (no CPE)range: <=1.5.4
Patches
Vulnerability mechanics
References
7- code.google.com/p/mozc/issues/attachmentTextnvdPatch
- github.com/ibus/ibus-anthy/commit/6aae0a9f145f536515e268dd6b25aa740a5edfe7nvdPatch
- lists.opensuse.org/opensuse-updates/2013-11/msg00036.htmlnvd
- lists.opensuse.org/opensuse-updates/2013-12/msg00024.htmlnvd
- lists.opensuse.org/opensuse-updates/2014-01/msg00045.htmlnvd
- bugzilla.redhat.com/show_bug.cginvd
- groups.google.com/forum/nvd
News mentions
0No linked articles in our index yet.