CVE-2007-3920
Published Oct 29, 2007
Last updated 7 years ago
Overview
- Description
- GNOME screensaver 2.20 in Ubuntu 7.10, when used with Compiz, does not properly reserve input focus, which allows attackers with physical access to take control of the session after entering an Alt-Tab sequence, a related issue to CVE-2007-3069.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.2
- Impact score
- 10
- Exploitability score
- 1.9
- Vector string
- AV:L/AC:H/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Social media
- Hype score
- Not currently trending
Vendor comments
- Red HatThis issue affected Red Hat Enterprise Linux 5 with a low security impact. An update to the compiz package was released to correct this issue: https://rhn.redhat.com/errata/RHSA-2008-0485.html
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.10:*:amd64:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FB928CC9-0BC3-4AE1-B20B-A58A4C4AAE24"
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.10:*:i386:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "BB850565-A800-44A6-945E-CB235531C5DD"
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.10:*:powerpc:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "3F37A796-E028-4247-A5E6-66B89A583F87"
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.10:*:sparc:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "61DA44B7-FE1A-4452-843E-EAF1404B86F3"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:compiz:compiz:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "93384956-31D4-4111-B447-A6710A8A6306"
},
{
"criteria": "cpe:2.3:a:gnome:screensaver:2.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F784A89F-6759-4801-B00F-502EE8AD4E71"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]