FKIE_CVE-2010-0414

Vulnerability from fkie_nvd - Published: 2010-02-11 20:30 - Updated: 2025-04-11 00:51
Severity ?
Summary
gnome-screensaver before 2.28.2 allows physically proximate attackers to bypass screen locking and access an unattended workstation by moving the mouse position to an external monitor and then disconnecting that monitor.
References
secalert@redhat.comhttp://ftp.gnome.org/pub/GNOME/sources/gnome-screensaver/2.28/gnome-screensaver-2.28.2.news
secalert@redhat.comhttp://git.gnome.org/browse/gnome-screensaver/commit/?id=a5f66339be6719c2b8fc478a1d5fc6545297d950
secalert@redhat.comhttp://git.gnome.org/browse/gnome-screensaver/commit/?id=dcca89b7ab6e1220815af38da246434b2e13fd9f
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/034904.html
secalert@redhat.comhttp://secunia.com/advisories/38468Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/38532
secalert@redhat.comhttp://secunia.com/advisories/38534Vendor Advisory
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:040
secalert@redhat.comhttp://www.osvdb.org/62219
secalert@redhat.comhttp://www.securityfocus.com/bid/38149
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-898-1
secalert@redhat.comhttps://bugzilla.gnome.org/show_bug.cgi?id=609337
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=562217
af854a3a-2127-422b-91ae-364da2661108http://ftp.gnome.org/pub/GNOME/sources/gnome-screensaver/2.28/gnome-screensaver-2.28.2.news
af854a3a-2127-422b-91ae-364da2661108http://git.gnome.org/browse/gnome-screensaver/commit/?id=a5f66339be6719c2b8fc478a1d5fc6545297d950
af854a3a-2127-422b-91ae-364da2661108http://git.gnome.org/browse/gnome-screensaver/commit/?id=dcca89b7ab6e1220815af38da246434b2e13fd9f
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034904.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/38468Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/38532
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/38534Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2010:040
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/62219
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/38149
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-898-1
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.gnome.org/show_bug.cgi?id=609337
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=562217
Impacted products
Vendor Product Version
gnome screensaver *
gnome screensaver 2.13
gnome screensaver 2.20
gnome screensaver 2.20.0
gnome screensaver 2.26.1
gnome screensaver 2.28.0
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gnome:screensaver:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "994F7A78-00FE-4BCD-A0CA-BE56B72BC534",
              "versionEndIncluding": "2.28.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnome:screensaver:2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BD3F6D9-F0DB-430F-87B1-834D3C0E8339",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnome:screensaver:2.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "F784A89F-6759-4801-B00F-502EE8AD4E71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnome:screensaver:2.20.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C625FA37-1414-4008-9826-D7E6C84DAAAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnome:screensaver:2.26.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "78D89DE8-E8AA-4E25-B251-5C641F3DB452",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnome:screensaver:2.28.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8F6FD15-5B21-48C5-BB33-D57C23859120",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "gnome-screensaver before 2.28.2 allows physically proximate attackers to bypass screen locking and access an unattended workstation by moving the mouse position to an external monitor and then disconnecting that monitor."
    },
    {
      "lang": "es",
      "value": "gnome-screensaver v2.28.2 permite a atacantes f\u00edsicamente pr\u00f3ximos , acceder un ordenador sin nadie sobre el que se ha bloqueado la pantalla de manera intencionada, moviendo el rat\u00f3n hacia una posici\u00f3n de un monitor externo y luego desconectando dicho monitor.."
    }
  ],
  "id": "CVE-2010-0414",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-02-11T20:30:00.783",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://ftp.gnome.org/pub/GNOME/sources/gnome-screensaver/2.28/gnome-screensaver-2.28.2.news"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://git.gnome.org/browse/gnome-screensaver/commit/?id=a5f66339be6719c2b8fc478a1d5fc6545297d950"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://git.gnome.org/browse/gnome-screensaver/commit/?id=dcca89b7ab6e1220815af38da246434b2e13fd9f"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034904.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38468"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/38532"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38534"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:040"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.osvdb.org/62219"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/38149"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-898-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.gnome.org/show_bug.cgi?id=609337"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=562217"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://ftp.gnome.org/pub/GNOME/sources/gnome-screensaver/2.28/gnome-screensaver-2.28.2.news"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.gnome.org/browse/gnome-screensaver/commit/?id=a5f66339be6719c2b8fc478a1d5fc6545297d950"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.gnome.org/browse/gnome-screensaver/commit/?id=dcca89b7ab6e1220815af38da246434b2e13fd9f"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034904.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38468"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/38532"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38534"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:040"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/62219"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/38149"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-898-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.gnome.org/show_bug.cgi?id=609337"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=562217"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.