 |
|
|
|
gnome-screensaver protection bypass
updated since 16.02.2010 | | Published: |  | 09.03.2010 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 10622 | | Type: |  | local | | Level: |  | 5/10 | | Description: |  | Screensaver crash on monitor hotplugging. |
| Affected: |  | GNOME : gnome-screensaver 2.28 | | CVE: |  | CVE-2010-0732 (gdk/gdkwindow.c in GTK+ before 2.18.5, as used in gnome-screensaver before 2.28.1, performs implicit paints on windows of type GDK_WINDOW_FOREIGN, which triggers an X error in certain circumstances and consequently allows physically proximate attackers to bypass screen locking and access an unattended workstation by pressing the Enter key many times.) | | | | CVE-2010-0422 (gnome-screensaver 2.28.x before 2.28.3 does not properly synchronize the state of screen locking and the unlock dialog in situations involving a change to the number of monitors, which allows physically proximate attackers to bypass screen locking and access an unattended workstation by connecting and disconnecting monitors multiple times, a related issue to CVE-2010-0414.) | | | | CVE-2010-0414 (gnome-screensaver before 2.28.2 allows physically proximate attackers to bypass screen locking and access an unattended workstation by moving the mouse position to an external monitor and then disconnecting that monitor.) | | | | CVE-2010-0285 (gnome-screensaver 2.14.3, 2.22.2, 2.27.x, 2.28.0, and 2.28.3, when the X configuration enables the extend screen option, allows physically proximate attackers to bypass screen locking, access an unattended workstation, and view half of the GNOME desktop by attaching an external monitor.) |
|
|
|
|
|
|
|
|
