ID CVE-2010-0422
Summary gnome-screensaver 2.28.x before 2.28.3 does not properly synchronize the state of screen locking and the unlock dialog in situations involving a change to the number of monitors, which allows physically proximate attackers to bypass screen locking and access an unattended workstation by connecting and disconnecting monitors multiple times, a related issue to CVE-2010-0414.
References
Vulnerable Configurations
  • cpe:2.3:a:gnome:screensaver:2.28.0:*:*:*:*:*:*:*
    cpe:2.3:a:gnome:screensaver:2.28.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gnome:screensaver:2.28.1:*:*:*:*:*:*:*
    cpe:2.3:a:gnome:screensaver:2.28.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gnome:screensaver:2.28.2:*:*:*:*:*:*:*
    cpe:2.3:a:gnome:screensaver:2.28.2:*:*:*:*:*:*:*
CVSS
Base: 4.0 (as of 17-08-2017 - 01:31)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL HIGH NONE
Impact
ConfidentialityIntegrityAvailability
NONE COMPLETE NONE
cvss-vector via4 AV:L/AC:H/Au:N/C:N/I:C/A:N
refmap via4
bid 38248
confirm
fedora FEDORA-2010-1855
mlist [oss-security] 20100212 Re: gnome-screensaver vulnerability (CVE-2010-0414)
secunia
  • 38565
  • 38583
xf gnome-screensaver-monitor-sec-bypass(56364)
Last major update 17-08-2017 - 01:31
Published 24-02-2010 - 18:30
Last modified 17-08-2017 - 01:31
Back to Top