ID CVE-2009-3851
Summary Trusted Extensions in Sun Solaris 10 interferes with the operation of the xscreensaver-demo command for the XScreenSaver application, which makes it easier for physically proximate attackers to access an unattended workstation for which the intended screen locking did not occur, related to the "restart daemon."
References
Vulnerable Configurations
  • cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*
    cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*
  • cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*
    cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*
CVSS
Base: 7.2 (as of 19-09-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
oval via4
accepted 2010-01-25T04:00:26.233-05:00
class vulnerability
contributors
name Pai Peng
organization Hewlett-Packard
definition_extensions
  • comment Solaris 10 (SPARC) is installed
    oval oval:org.mitre.oval:def:1440
  • comment Solaris 10 (x86) is installed
    oval oval:org.mitre.oval:def:1926
description Trusted Extensions in Sun Solaris 10 interferes with the operation of the xscreensaver-demo command for the XScreenSaver application, which makes it easier for physically proximate attackers to access an unattended workstation for which the intended screen locking did not occur, related to the "restart daemon."
family unix
id oval:org.mitre.oval:def:6845
status accepted
submitted 2009-12-17T14:02:00.000-05:00
title Security Vulnerability in Solaris Trusted Extensions may Prevent XScreenSaver (xscreensaver(1)) From Running
version 30
refmap via4
confirm http://sunsolve.sun.com/search/document.do?assetkey=1-21-120094-28-1
sunalert 270809
Last major update 19-09-2017 - 01:29
Published 03-11-2009 - 16:30
Back to Top