CVE-2012-3452
First published: Tue Aug 07 2012(Updated: )
gnome-screensaver 3.4.x before 3.4.4 and 3.5.x before 3.5.4, when multiple screens are used, only locks the screen with the active focus, which allows physically proximate attackers to bypass screen locking and access an unattended workstation.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| GNOME Screensaver | =3.4.0 | |
| GNOME Screensaver | =3.4.2 | |
| GNOME Screensaver | =3.4.3 | |
| GNOME Screensaver | =3.5.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2012-3452?
CVE-2012-3452 is considered a medium severity vulnerability due to its potential to allow unauthorized access to unattended workstations.
How do I fix CVE-2012-3452?
To fix CVE-2012-3452, upgrade to GNOME screensaver version 3.4.4 or higher, or 3.5.4 or higher.
What systems are affected by CVE-2012-3452?
CVE-2012-3452 affects GNOME screensaver versions 3.4.0, 3.4.2, 3.4.3, and 3.5.3.
Can CVE-2012-3452 be exploited remotely?
CVE-2012-3452 cannot be exploited remotely; it requires physical proximity to the affected workstation.
What is the impact of CVE-2012-3452 on user privacy?
The impact of CVE-2012-3452 on user privacy includes the risk of unauthorized access to sensitive information on an unattended workstation.
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/description
- vendor/gnome
- canonical/gnome screensaver
- version/gnome screensaver/3.4.0
- version/gnome screensaver/3.4.2
- version/gnome screensaver/3.4.3
- version/gnome screensaver/3.5.3