CVE-2013-1050
Severity Score
7.2
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The default configuration in gnome-screensaver 3.5.4 through 3.6.0 sets the AutostartCondition line to fallback mode in the .desktop file, which prevents the program from starting automatically after login and allows physically proximate attackers to bypass screen locking and access an unattended workstation.
La configuración por defecto en gnome-screensaver v3.5.4 hasta v3.6.0 fija la opción AutostartCondition a modo de retorno en el archivo .Desktop, lo que impide que el programa se inicie automáticamente después de un inicio de sesión y permite a los atacantes físicamente próximos saltarse el bloqueo de pantalla y acceder a una estación de trabajo sin vigilancia.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2013-01-11 CVE Reserved
- 2013-02-12 CVE Published
- 2024-09-16 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| https://bugzilla.gnome.org/show_bug.cgi?id=683060 | X_refsource_misc | |
| https://git.gnome.org/browse/gnome-screensaver/commit/?id=1940dc6bc8ad5ee2c029714efb1276c05ca80bd4 | X_refsource_misc |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.ubuntu.com/usn/USN-1716-1 | 2013-03-18 | |
| https://bugs.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/1120126 | 2013-03-18 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Gnome Search vendor "Gnome" | Gnome Screensaver Search vendor "Gnome" for product "Gnome Screensaver" | 3.5.4 Search vendor "Gnome" for product "Gnome Screensaver" and version "3.5.4" | - |
Affected
| ||||||
| Gnome Search vendor "Gnome" | Gnome Screensaver Search vendor "Gnome" for product "Gnome Screensaver" | 3.5.5 Search vendor "Gnome" for product "Gnome Screensaver" and version "3.5.5" | - |
Affected
| ||||||
| Gnome Search vendor "Gnome" | Gnome Screensaver Search vendor "Gnome" for product "Gnome Screensaver" | 3.6.0 Search vendor "Gnome" for product "Gnome Screensaver" and version "3.6.0" | - |
Affected
| ||||||