CVE-2010-0422
First published: Fri Feb 12 2010(Updated: )
gnome-screensaver 2.28.x before 2.28.3 does not properly synchronize the state of screen locking and the unlock dialog in situations involving a change to the number of monitors, which allows physically proximate attackers to bypass screen locking and access an unattended workstation by connecting and disconnecting monitors multiple times, a related issue to CVE-2010-0414.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| GNOME screensaver | =2.28.2 | |
| GNOME screensaver | =2.28.0 | |
| GNOME screensaver | =2.28.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035115.html
- http://www.securityfocus.com/bid/38248
- http://marc.info/?l=oss-security&m=126601292400764&w=2
- http://git.gnome.org/browse/gnome-screensaver/commit/?id=271ae93d7b140b8ba40d77f9e4ce894e5fd1b554
- http://ftp.gnome.org/pub/GNOME/sources/gnome-screensaver/2.28/gnome-screensaver-2.28.3.news
- https://bugzilla.redhat.com/show_bug.cgi?id=564464
- http://secunia.com/advisories/38565
- http://git.gnome.org/browse/gnome-screensaver/commit/?id=d4dcbd65a2df3c093c4e3a74bbbc75383eb9eadb
- http://secunia.com/advisories/38583
- https://bugzilla.gnome.org/show_bug.cgi?id=609789
- http://git.gnome.org/browse/gnome-screensaver/commit/?id=f93a22c175090cf02e80bc3ee676b53f1251f685
- https://exchange.xforce.ibmcloud.com/vulnerabilities/56364
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=609337
- https://access.redhat.com/security/cve/CVE-2010-0414
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=390573&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=390573&action=edit
- https://access.redhat.com/security/cve/CVE-2010-0422
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=564464#c7
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=564464#c0
- https://www.cve.org/CVERecord?id=CVE-2010-0422 https://nvd.nist.gov/vuln/detail/CVE-2010-0422
- https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0422.json
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2010-0422
- collector/redhat-cve
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/gnome
- canonical/gnome screensaver
- version/gnome screensaver/2.28.2
- version/gnome screensaver/2.28.0
- version/gnome screensaver/2.28.1