Vulnerability CVE-2010-0414


Published: 2010-02-11   Modified: 2012-02-13

Description:
gnome-screensaver before 2.28.2 allows physically proximate attackers to bypass screen locking and access an unattended workstation by moving the mouse position to an external monitor and then disconnecting that monitor.

Type:

CWE-Other

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.2/10
10/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Gnome -> Screensaver 

 References:
https://bugzilla.redhat.com/show_bug.cgi?id=562217
https://bugzilla.gnome.org/show_bug.cgi?id=609337
http://www.ubuntu.com/usn/USN-898-1
http://www.securityfocus.com/bid/38149
http://www.osvdb.org/62219
http://www.mandriva.com/security/advisories?name=MDVSA-2010:040
http://secunia.com/advisories/38534
http://secunia.com/advisories/38532
http://secunia.com/advisories/38468
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034904.html
http://git.gnome.org/browse/gnome-screensaver/commit/?id=dcca89b7ab6e1220815af38da246434b2e13fd9f
http://git.gnome.org/browse/gnome-screensaver/commit/?id=a5f66339be6719c2b8fc478a1d5fc6545297d950
http://ftp.gnome.org/pub/GNOME/sources/gnome-screensaver/2.28/gnome-screensaver-2.28.2.news

Copyright 2024, cxsecurity.com

 

Back to Top