CVE-2009-4641

Published Feb 11, 2010

Last updated 14 years ago

Overview

Description: gnome-screensaver 2.28.0 does not resume adherence to its activation settings after an inhibiting application becomes unavailable on the session bus, which allows physically proximate attackers to access an unattended workstation on which screen locking had been intended.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.2
Impact score: 10
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Vendor comments

Red HatNot vulnerable. This issue did not affect the versions of gnome-screensaver as shipped with Red Hat Enterprise Linux 5.

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:gnome:screensaver:2.28.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D8F6FD15-5B21-48C5-BB33-D57C23859120"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Vendor comments

Configurations

References