CVE-2010-0422
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
gnome-screensaver 2.28.x before 2.28.3 does not properly synchronize the state of screen locking and the unlock dialog in situations involving a change to the number of monitors, which allows physically proximate attackers to bypass screen locking and access an unattended workstation by connecting and disconnecting monitors multiple times, a related issue to CVE-2010-0414.
gnome-screensaver v2.28.x anterio a v2.28.3, no sincroniza adecuadamente el estado del bloqueo de pantalla ni del desbloqueo en situaciones que involucran un cambio en el número de monitores, lo que permite a atacantes próximos físicamente evitar el bloqueo de pantalla y acceder a un ordenador mediante la conexión y desconexión del monitor varias veces. Relacionada con el CVE-2010-0414.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2010-01-27 CVE Reserved
- 2010-02-24 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (12)
| URL | Tag | Source |
|---|---|---|
| http://ftp.gnome.org/pub/GNOME/sources/gnome-screensaver/2.28/gnome-screensaver-2.28.3.news | X_refsource_confirm | |
| http://git.gnome.org/browse/gnome-screensaver/commit/?id=271ae93d7b140b8ba40d77f9e4ce894e5fd1b554 | X_refsource_confirm | |
| http://git.gnome.org/browse/gnome-screensaver/commit/?id=d4dcbd65a2df3c093c4e3a74bbbc75383eb9eadb | X_refsource_confirm | |
| http://git.gnome.org/browse/gnome-screensaver/commit/?id=f93a22c175090cf02e80bc3ee676b53f1251f685 | X_refsource_confirm | |
| http://marc.info/?l=oss-security&m=126601292400764&w=2 | Mailing List | |
| http://www.securityfocus.com/bid/38248 | Vdb Entry | |
| https://bugzilla.gnome.org/show_bug.cgi?id=609789 | X_refsource_confirm | |
| https://bugzilla.redhat.com/show_bug.cgi?id=564464 | X_refsource_confirm | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/56364 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035115.html | 2017-08-17 | |
| http://secunia.com/advisories/38565 | 2017-08-17 | |
| http://secunia.com/advisories/38583 | 2017-08-17 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Gnome Search vendor "Gnome" | Screensaver Search vendor "Gnome" for product "Screensaver" | 2.28.0 Search vendor "Gnome" for product "Screensaver" and version "2.28.0" | - |
Affected
| ||||||
| Gnome Search vendor "Gnome" | Screensaver Search vendor "Gnome" for product "Screensaver" | 2.28.1 Search vendor "Gnome" for product "Screensaver" and version "2.28.1" | - |
Affected
| ||||||
| Gnome Search vendor "Gnome" | Screensaver Search vendor "Gnome" for product "Screensaver" | 2.28.2 Search vendor "Gnome" for product "Screensaver" and version "2.28.2" | - |
Affected
| ||||||