Executive Summary
Summary | |
---|---|
Title | Sun Alert 255308 A Security Vulnerability May Allow Popup Windows to Appear Through the Solaris XScreenSaver Program |
Informations | |||
---|---|---|---|
Name | SUN-255308 | First vendor Publication | 2009-04-07 |
Vendor | Sun | Last vendor Modification | 2009-08-27 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:P/I:N/A:N) | |||
---|---|---|---|
Cvss Base Score | 2.1 | Attack Range | Local |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Product: Solaris 8 Operating System Solaris 9 Operating System Solaris 10 Operating System OpenSolaris A security vulnerability in the Solaris XScreenSaver (see xscreensaver(1)) program may allow popup windows to appear through the lock screen and expose sensitive data. An example application affected by this issue is Thunderbird, which notifies users about new mail through popup windows. State: Resolved First released: 07-Apr-2009 |
Original Source
Url : http://blogs.sun.com/security/entry/sun_alert_255308_a_security |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-200 | Information Exposure |
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
53628 | Solaris XScreenSaver PopUp Window Information Disclosure |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2007-02-18 | Name : The remote host is missing Sun Security Patch number 120094-36 File : solaris10_120094.nasl - Type : ACT_GATHER_INFO |
2007-02-18 | Name : The remote host is missing Sun Security Patch number 120095-36 File : solaris10_x86_120095.nasl - Type : ACT_GATHER_INFO |
2006-11-06 | Name : The remote host is missing Sun Security Patch number 115158-14 File : solaris9_115158.nasl - Type : ACT_GATHER_INFO |
2006-11-06 | Name : The remote host is missing Sun Security Patch number 115159-14 File : solaris9_x86_115159.nasl - Type : ACT_GATHER_INFO |