CVE-2013-1050
First published: Fri Mar 08 2013(Updated: )
The default configuration in gnome-screensaver 3.5.4 through 3.6.0 sets the AutostartCondition line to fallback mode in the .desktop file, which prevents the program from starting automatically after login and allows physically proximate attackers to bypass screen locking and access an unattended workstation.
Credit: security@ubuntu.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| GNOME Screensaver | =3.5.4 | |
| GNOME Screensaver | =3.5.5 | |
| GNOME Screensaver | =3.6.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2013-1050?
CVE-2013-1050 has a moderate severity level due to its potential to allow unauthorized access.
How do I fix CVE-2013-1050?
To fix CVE-2013-1050, update gnome-screensaver to version 3.6.1 or later, which addresses the vulnerability.
Which versions of gnome-screensaver are affected by CVE-2013-1050?
CVE-2013-1050 affects gnome-screensaver versions 3.5.4 through 3.6.0.
What type of attack does CVE-2013-1050 allow?
CVE-2013-1050 allows physically proximate attackers to bypass screen locking.
Where can I find more information about CVE-2013-1050?
For more information about CVE-2013-1050, refer to the security advisory and bug reports related to gnome-screensaver.
- agent/references
- agent/author
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/weakness
- agent/severity
- agent/description
- vendor/gnome
- canonical/gnome screensaver
- version/gnome screensaver/3.5.4
- version/gnome screensaver/3.5.5
- version/gnome screensaver/3.6.0