[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249461

 
 

909

 
 

195508

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2010-0422Date: (C)2010-02-24   (M)2023-12-22


gnome-screensaver 2.28.x before 2.28.3 does not properly synchronize the state of screen locking and the unlock dialog in situations involving a change to the number of monitors, which allows physically proximate attackers to bypass screen locking and access an unattended workstation by connecting and disconnecting monitors multiple times, a related issue to CVE-2010-0414.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.0
Exploit Score: 1.9
Impact Score: 6.9
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: HIGH
Authentication: NONE
Confidentiality: NONE
Integrity: COMPLETE
Availability: NONE
  
Reference:
BID-38248
SECUNIA-38565
SECUNIA-38583
FEDORA-2010-1855
http://marc.info/?l=oss-security&m=126601292400764&w=2
gnome-screensaver-monitor-sec-bypass(56364)
http://ftp.gnome.org/pub/GNOME/sources/gnome-screensaver/2.28/gnome-screensaver-2.28.3.news
http://git.gnome.org/browse/gnome-screensaver/commit/?id=271ae93d7b140b8ba40d77f9e4ce894e5fd1b554
http://git.gnome.org/browse/gnome-screensaver/commit/?id=d4dcbd65a2df3c093c4e3a74bbbc75383eb9eadb
http://git.gnome.org/browse/gnome-screensaver/commit/?id=f93a22c175090cf02e80bc3ee676b53f1251f685
https://bugzilla.gnome.org/show_bug.cgi?id=609789
https://bugzilla.redhat.com/show_bug.cgi?id=564464

OVAL    2
oval:org.secpod.oval:def:100403
oval:org.secpod.oval:def:700177

© SecPod Technologies