CVE-2009-4642
First published: Thu Feb 11 2010(Updated: )
gnome-screensaver 2.26.1 relies on the gnome-session D-Bus interface to determine session idle time, even when an Xfce desktop such as Xubuntu or Mythbuntu is used, which allows physically proximate attackers to access an unattended workstation on which screen locking had been intended.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| GNOME Screensaver | =2.26.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2009-4642?
CVE-2009-4642 has a moderate severity rating due to its potential to allow unauthorized access to unattended workstations.
How do I fix CVE-2009-4642?
To fix CVE-2009-4642, consider upgrading to a newer version of GNOME screensaver that addresses this vulnerability.
Who is affected by CVE-2009-4642?
Users of GNOME screensaver 2.26.1 on Xfce desktop environments like Xubuntu or Mythbuntu are affected by CVE-2009-4642.
What is the cause of CVE-2009-4642?
CVE-2009-4642 is caused by the GNOME screensaver relying on the gnome-session D-Bus interface to determine session idle time.
When was CVE-2009-4642 disclosed?
CVE-2009-4642 was disclosed in 2009, highlighting vulnerabilities in session management for screen locking mechanisms.
- agent/type
- agent/softwarecombine
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/gnome
- canonical/gnome screensaver
- version/gnome screensaver/2.26.1