Lucene search

[email protected]NVD:CVE-2009-4642

HistoryFeb 11, 2010 - 9:30 p.m.

CVE-2009-4642

2010-02-1121:30:00

[email protected]

web.nvd.nist.gov

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.5

Confidence

High

EPSS

0.001

Percentile

27.5%

JSON

gnome-screensaver 2.26.1 relies on the gnome-session D-Bus interface to determine session idle time, even when an Xfce desktop such as Xubuntu or Mythbuntu is used, which allows physically proximate attackers to access an unattended workstation on which screen locking had been intended.

Affected configurations

Nvd

Node

gnomescreensaverMatch2.26.1

VendorProductVersionCPE
gnomescreensaver2.26.1cpe:2.3:a:gnome:screensaver:2.26.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
gnome	screensaver	2.26.1	cpe:2.3:a:gnome:screensaver:2.26.1:::::::*

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=536381

bugzilla.xfce.org/show_bug.cgi?id=5927

bugzilla.gnome.org/show_bug.cgi?id=592093

launchpad.net/bugs/411350

launchpad.net/bugs/493573

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.5

Confidence

High

EPSS

0.001

Percentile

27.5%

JSON

Related for NVD:CVE-2009-4642

cvelist1 cve1 prion1 redhatcve1 ubuntucve1 debiancve1