Executive Summary

Informations
Name CVE-2010-0732 First vendor Publication 2010-03-19
Vendor Cve Last vendor Modification 2010-06-05

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:H/Au:N/C:C/I:C/A:C)
Cvss Base Score 6.2 Attack Range Local
Cvss Impact Score 10 Attack Complexity High
Cvss Expoit Score 1.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

gdk/gdkwindow.c in GTK+ before 2.18.5, as used in gnome-screensaver before 2.28.1, performs implicit paints on windows of type GDK_WINDOW_FOREIGN, which triggers an X error in certain circumstances and consequently allows physically proximate attackers to bypass screen locking and access an unattended workstation by pressing the Enter key many times.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0732

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-362 Race Condition

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 8

OpenVAS Exploits

Date Description
2010-05-28 Name : Mandriva Update for gtk+2.0 MDVSA-2010:109 (gtk+2.0)
File : nvt/gb_mandriva_MDVSA_2010_109.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
61203 GTK+ gdk/gdkwindow.c gdk_window_begin_implicit_paint() Function Foreign Windo...

Nessus® Vulnerability Scanner

Date Description
2014-12-15 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201412-08.nasl - Type : ACT_GATHER_INFO
2013-01-25 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_gnome-screensaver-100318.nasl - Type : ACT_GATHER_INFO
2010-05-28 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-109.nasl - Type : ACT_GATHER_INFO
2010-03-31 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_gnome-screensaver-100318.nasl - Type : ACT_GATHER_INFO
2010-03-31 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_gnome-screensaver-100318.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/38211
CONFIRM http://ftp.gnome.org/pub/gnome/sources/gtk+/2.18/gtk+-2.18.5.news
http://git.gnome.org/browse/gnome-screensaver/commit/?h=gnome-2-28&id=98f...
http://git.gnome.org/browse/gnome-screensaver/commit/?id=ab08cc93f2dc6223c8c0...
http://git.gnome.org/browse/gtk+/commit/?id=0748cf563d0d0d03001a62589f13be16a...
https://bugs.edge.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/446395
https://bugzilla.gnome.org/show_bug.cgi?id=598476
https://bugzilla.redhat.com/show_bug.cgi?id=565527
MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2010:109
MISC http://www.heise.de/newsticker/meldung/Gnome-Bildschirmsperre-in-OpenSuse-Lin...
MLIST http://www.openwall.com/lists/oss-security/2010/02/12/1
http://www.openwall.com/lists/oss-security/2010/03/05/2
http://www.openwall.com/lists/oss-security/2010/03/16/9
SECUNIA http://secunia.com/advisories/39317
SUSE http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
Date Informations
2020-05-23 01:41:44
  • Multiple Updates
2020-05-23 00:25:21
  • Multiple Updates
2016-06-28 18:03:37
  • Multiple Updates
2016-04-26 19:36:51
  • Multiple Updates
2014-12-16 13:24:34
  • Multiple Updates
2014-02-17 10:54:04
  • Multiple Updates
2013-05-10 23:19:23
  • Multiple Updates