CVE-2010-0414

medium

Description

gnome-screensaver before 2.28.2 allows physically proximate attackers to bypass screen locking and access an unattended workstation by moving the mouse position to an external monitor and then disconnecting that monitor.

References

https://bugzilla.redhat.com/show_bug.cgi?id=562217

https://bugzilla.gnome.org/show_bug.cgi?id=609337

http://www.ubuntu.com/usn/USN-898-1

http://www.securityfocus.com/bid/38149

http://www.osvdb.org/62219

http://www.mandriva.com/security/advisories?name=MDVSA-2010:040

http://secunia.com/advisories/38534

http://secunia.com/advisories/38532

http://secunia.com/advisories/38468

http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034904.html

http://git.gnome.org/browse/gnome-screensaver/commit/?id=dcca89b7ab6e1220815af38da246434b2e13fd9f

http://git.gnome.org/browse/gnome-screensaver/commit/?id=a5f66339be6719c2b8fc478a1d5fc6545297d950

http://ftp.gnome.org/pub/GNOME/sources/gnome-screensaver/2.28/gnome-screensaver-2.28.2.news

Details

Source: Mitre, NVD

Published: 2010-02-11

Updated: 2010-02-26

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 6.8

Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Medium

Detections

Analytics