CVE-2010-0414
First published: Fri Feb 05 2010(Updated: )
gnome-screensaver before 2.28.2 allows physically proximate attackers to bypass screen locking and access an unattended workstation by moving the mouse position to an external monitor and then disconnecting that monitor.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| GNOME Screensaver | =2.20.0 | |
| GNOME Screensaver | =2.13 | |
| GNOME Screensaver | <=2.28.1 | |
| GNOME Screensaver | =2.20 | |
| GNOME Screensaver | =2.28.0 | |
| GNOME Screensaver | =2.26.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://git.gnome.org/browse/gnome-screensaver/commit/?id=dcca89b7ab6e1220815af38da246434b2e13fd9f
- http://www.osvdb.org/62219
- http://secunia.com/advisories/38468
- http://www.securityfocus.com/bid/38149
- http://secunia.com/advisories/38534
- http://git.gnome.org/browse/gnome-screensaver/commit/?id=a5f66339be6719c2b8fc478a1d5fc6545297d950
- https://bugzilla.redhat.com/show_bug.cgi?id=562217
- http://www.ubuntu.com/usn/USN-898-1
- http://ftp.gnome.org/pub/GNOME/sources/gnome-screensaver/2.28/gnome-screensaver-2.28.2.news
- http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034904.html
- https://bugzilla.gnome.org/show_bug.cgi?id=609337
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:040
- http://secunia.com/advisories/38532
- https://www.cve.org/CVERecord?id=CVE-2010-0414 https://nvd.nist.gov/vuln/detail/CVE-2010-0414
- https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0414.json
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=389117&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=389117&action=edit
- http://git.gnome.org/browse/gnome-screensaver/commit/?id=f6d3defdc
- http://git.gnome.org/browse/gnome-settings-daemon/commit/?id=be513b3
- https://access.redhat.com/security/cve/CVE-2010-0414
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=566774
Frequently Asked Questions
What is the severity of CVE-2010-0414?
CVE-2010-0414 is classified as a medium severity vulnerability due to its potential to allow unauthorized access to sensitive information.
How do I fix CVE-2010-0414?
To fix CVE-2010-0414, you should upgrade the GNOME screensaver to version 2.28.2 or later where the vulnerability has been addressed.
Who is affected by CVE-2010-0414?
CVE-2010-0414 affects users of GNOME screensaver versions prior to 2.28.2, including versions 2.20.0, 2.20, 2.28.0, and 2.26.1.
What are the consequences of CVE-2010-0414?
The consequences of CVE-2010-0414 include the potential for physical attackers to bypass the screen lock and gain access to unattended workstations.
Is there a workaround for CVE-2010-0414?
Currently, there are no known workarounds for CVE-2010-0414, and upgrading to the latest version is the recommended solution.
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- collector/redhat-cve
- source/Red Hat
- collector/redhat-bugzilla
- alias/CVE-2010-0414
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/references
- agent/weakness
- agent/last-modified-date
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/gnome
- canonical/gnome screensaver
- version/gnome screensaver/2.20.0
- version/gnome screensaver/2.13
- version/gnome screensaver/2.28.1
- version/gnome screensaver/2.20
- version/gnome screensaver/2.28.0
- version/gnome screensaver/2.26.1