Mandriva Linux Security Advisory : clutter (MDVSA-2013:255)

Low Nessus Plugin ID 70522


The remote Mandriva Linux host is missing one or more security updates.


Updated clutter packages fix security vulnerability :

A security flaw was found in the way Clutter, an open source software library for creating rich graphical user interfaces, used to manage translation of hierarchy events in certain circumstances (when underlying device disappeared, causing XIQueryDevice query to throw an error). Physically proximate attackers could use this flaw for example to obtain unauthorized access to gnome-shell session right after system resume (due to gnome-shell crash) (CVE-2013-2190).


Update the affected packages.

See Also

Plugin Details

Severity: Low

ID: 70522

File Name: mandriva_MDVSA-2013-255.nasl

Version: $Revision: 1.2 $

Type: local

Published: 2013/10/20

Modified: 2013/11/25

Dependencies: 12634

Risk Information

Risk Factor: Low


Base Score: 2.1

Temporal Score: 1.8

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:clutter-i18n, p-cpe:/a:mandriva:linux:lib64clutter-gir1.0, p-cpe:/a:mandriva:linux:lib64clutter1.0-devel, p-cpe:/a:mandriva:linux:lib64clutter1.0_0, cpe:/o:mandriva:business_server:1

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2013/10/18

Reference Information

CVE: CVE-2013-2190

BID: 60593

MDVSA: 2013:255