Lucene search

MitreCVE-2008-6514

HistoryMar 24, 2009 - 2:30 p.m.

CVE-2008-6514

2009-03-2414:30:00

CWE-264

mitre

web.nvd.nist.gov

compiz fusion

expo plugin

bypass

locked desktop

cve-2008-6514

CVSS2

6.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

AI Score

5.8

Confidence

Low

EPSS

0.003

Percentile

70.1%

JSON

The Expo plugin in Compiz Fusion 0.7.8 allows local users with physical access to drag the screen saver aside and access the locked desktop by using Expo mouse shortcuts, a related issue to CVE-2007-3920.

Affected configurations

Nvd

Node

compizcompiz_fusionMatch0.7.8

VendorProductVersionCPE
compizcompiz_fusion0.7.8cpe:2.3:a:compiz:compiz_fusion:0.7.8:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
compiz	compiz_fusion	0.7.8	cpe:2.3:a:compiz:compiz_fusion:0.7.8:::::::*

References

bugzilla.gnome.org/show_bug.cgi?id=561567

gitweb.compiz-fusion.org/?p=fusion/plugins/expo%3Ba=commit%3Bh=f97a9fa6f0ad578f674d1f248bd7bef90e3260e0

secunia.com/advisories/33077

secunia.com/advisories/34465

www.securityfocus.com/bid/32712

bugs.launchpad.net/ubuntu/+source/compiz-fusion-plugins-main/+bug/247088

exchange.xforce.ibmcloud.com/vulnerabilities/47172

www.redhat.com/archives/fedora-package-announce/2009-March/msg00860.html

www.redhat.com/archives/fedora-package-announce/2009-March/msg00878.html

CVSS2

6.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

AI Score

5.8

Confidence

Low

EPSS

0.003

Percentile

70.1%

JSON

Related for CVE-2008-6514