This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Gnome First view 2010-02-11
Product Screensaver Last view 2010-03-19
Version 2.26.1 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:gnome:screensaver

Activity : Overall

Related : CVE

  Date Alert Description
6.2 2010-03-19 CVE-2010-0732

gdk/gdkwindow.c in GTK+ before 2.18.5, as used in gnome-screensaver before 2.28.1, performs implicit paints on windows of type GDK_WINDOW_FOREIGN, which triggers an X error in certain circumstances and consequently allows physically proximate attackers to bypass screen locking and access an unattended workstation by pressing the Enter key many times.

7.2 2010-02-11 CVE-2010-0414

gnome-screensaver before 2.28.2 allows physically proximate attackers to bypass screen locking and access an unattended workstation by moving the mouse position to an external monitor and then disconnecting that monitor.

7.2 2010-02-11 CVE-2009-4642

gnome-screensaver 2.26.1 relies on the gnome-session D-Bus interface to determine session idle time, even when an Xfce desktop such as Xubuntu or Mythbuntu is used, which allows physically proximate attackers to access an unattended workstation on which screen locking had been intended.

CWE : Common Weakness Enumeration

%idName
100% (1) CWE-362 Race Condition

Open Source Vulnerability Database (OSVDB)

id Description
62323 gnome-screensaver gnome-session D-Bus Interface Screen Locking Bypass
62219 gnome-screensaver Monitor Topology Change Screen Lock Bypass
61203 GTK+ gdk/gdkwindow.c gdk_window_begin_implicit_paint() Function Foreign Windo...

OpenVAS Exploits

id Description
2010-05-28 Name : Mandriva Update for gtk+2.0 MDVSA-2010:109 (gtk+2.0)
File : nvt/gb_mandriva_MDVSA_2010_109.nasl
2010-03-02 Name : Fedora Update for gnome-screensaver FEDORA-2010-1556
File : nvt/gb_fedora_2010_1556_gnome-screensaver_fc12.nasl
2010-03-02 Name : Fedora Update for gnome-screensaver FEDORA-2010-1855
File : nvt/gb_fedora_2010_1855_gnome-screensaver_fc12.nasl
2010-02-19 Name : Mandriva Update for gnome-screensaver MDVSA-2010:040 (gnome-screensaver)
File : nvt/gb_mandriva_MDVSA_2010_040.nasl
2010-02-18 Name : FreeBSD Ports: gnome-screensaver
File : nvt/freebsd_gnome-screensaver.nasl
2010-02-15 Name : Ubuntu Update for gnome-screensaver vulnerability USN-898-1
File : nvt/gb_ubuntu_USN_898_1.nasl
2010-01-22 Name : Mandriva Update for mmc-wizard MDVA-2010:040 (mmc-wizard)
File : nvt/gb_mandriva_MDVA_2010_040.nasl

Nessus® Vulnerability Scanner

id Description
2014-12-15 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201412-08.nasl - Type: ACT_GATHER_INFO
2013-01-25 Name: The remote SuSE 11 host is missing one or more security updates.
File: suse_11_gnome-screensaver-100318.nasl - Type: ACT_GATHER_INFO
2010-07-30 Name: The remote Mandriva Linux host is missing a security update.
File: mandriva_MDVSA-2010-040.nasl - Type: ACT_GATHER_INFO
2010-07-01 Name: The remote Fedora host is missing a security update.
File: fedora_2010-1556.nasl - Type: ACT_GATHER_INFO
2010-05-28 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2010-109.nasl - Type: ACT_GATHER_INFO
2010-03-31 Name: The remote openSUSE host is missing a security update.
File: suse_11_0_gnome-screensaver-100318.nasl - Type: ACT_GATHER_INFO
2010-03-31 Name: The remote openSUSE host is missing a security update.
File: suse_11_1_gnome-screensaver-100318.nasl - Type: ACT_GATHER_INFO
2010-02-16 Name: The remote openSUSE host is missing a security update.
File: suse_11_2_gnome-screensaver-100214.nasl - Type: ACT_GATHER_INFO
2010-02-15 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_0a82ac0c188611dfb0d10015f2db7bde.nasl - Type: ACT_GATHER_INFO
2010-02-11 Name: The remote Ubuntu host is missing a security-related patch.
File: ubuntu_USN-898-1.nasl - Type: ACT_GATHER_INFO