What is the severity of CVE-2009-4996?

The severity of CVE-2009-4996 is considered to be low due to its context-specific nature.

How do I fix CVE-2009-4996?

To fix CVE-2009-4996, it is recommended to upgrade to the latest version of Xfce that addresses this vulnerability.

What versions of Xfce are affected by CVE-2009-4996?

CVE-2009-4996 affects Xfce version 4.6-beta1.

What does CVE-2009-4996 exploit?

CVE-2009-4996 exploits a lack of screen locking when the suspend or hibernate buttons are pressed, potentially allowing unauthorized access.

Is there a workaround for CVE-2009-4996?

A potential workaround for CVE-2009-4996 is to manually lock the screen before suspending or hibernating the device.

Vulnerability/
CVE-2009-4996

high

7.2

CWE

264

7/9/2010

3/10/2022

7/8/2024

CVE-2009-4996

First published: Tue Sep 07 2010(Updated: )

** DISPUTED ** Xfce4-session 4.5.91 in Xfce does not lock the screen when the suspend or hibernate button is pressed, which might make it easier for physically proximate attackers to access an unattended laptop via a resume action, a related issue to CVE-2010-2532. NOTE: there is no general agreement that this is a vulnerability, because separate control over locking can be an equally secure, or more secure, behavior in some threat environments.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Xfce xfce4-settings	=4.6-beta1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-4996?
The severity of CVE-2009-4996 is considered to be low due to its context-specific nature.
How do I fix CVE-2009-4996?
To fix CVE-2009-4996, it is recommended to upgrade to the latest version of Xfce that addresses this vulnerability.
What versions of Xfce are affected by CVE-2009-4996?
CVE-2009-4996 affects Xfce version 4.6-beta1.
What does CVE-2009-4996 exploit?
CVE-2009-4996 exploits a lack of screen locking when the suspend or hibernate buttons are pressed, potentially allowing unauthorized access.
Is there a workaround for CVE-2009-4996?
A potential workaround for CVE-2009-4996 is to manually lock the screen before suspending or hibernating the device.

agent/references
agent/type
agent/first-publish-date
agent/severity
agent/weakness
agent/status
agent/softwarecombine
agent/description
collector/mitre-cve
source/MITRE
agent/event
agent/last-modified-date
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-api
source/NVD
agent/software-canonical-lookup
collector/nvd-historical
agent/author
status/disputed
vendor/xfce
canonical/xfce xfce4-settings
version/xfce xfce4-settings/4.6-beta1

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.