CVE-2010-0732
Gentoo Linux Security Advisory 201412-08
Descriptions
gdk/gdkwindow.c in GTK+ before 2.18.5, as used in gnome-screensaver before 2.28.1, performs implicit paints on windows of type GDK_WINDOW_FOREIGN, which triggers an X error in certain circumstances and consequently allows physically proximate attackers to bypass screen locking and access an unattended workstation by pressing the Enter key many times.
This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2011. The worst of these vulnerabilities could lead to local privilege escalation and remote code execution.
Timeline
- 2010-02-26 CVE Reserved
- 2010-03-19 CVE Published
- 2024-08-07 CVE Updated
- 2025-03-30 EPSS Updated
CWE
- CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
References (15)
URL | Tag | Source |
---|---|---|
http://secunia.com/advisories/39317 | Broken Link | |
http://www.heise.de/newsticker/meldung/Gnome-Bildschirmsperre-in-OpenSuse-Linux-wirkungslos-2-Update-928580.html | Third Party Advisory | |
http://www.openwall.com/lists/oss-security/2010/02/12/1 | Mailing List | |
http://www.openwall.com/lists/oss-security/2010/03/16/9 | Mailing List | |
http://www.securityfocus.com/bid/38211 | Third Party Advisory | |
https://bugs.edge.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/446395 | Third Party Advisory | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Gnome | Gtk | < 2.18.5 | - | Affected |
Gnome | Screensaver | < 2.28.1 | - | Affected |