CVE-2007-3920 — Screensaver vulnerability

15 documents8 sources

Severity

6.2MEDIUMNVD

CNA4.6OSV4.6

EPSS

0.1%

top 84.19%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

X.org Xorg-server Gnome Screensaver

Timeline

PublishedOct 29

Latest updateMay 1

Description

GNOME screensaver 2.20 in Ubuntu 7.10, when used with Compiz, does not properly reserve input focus, which allows attackers with physical access to take control of the session after entering an Alt-Tab sequence, a related issue to CVE-2007-3069.

CVSS vector

AV:L/AC:H/C:C/I:C/A:CExploitability: 1.9 | Impact: 10.0

Affected Packages2 packages

▶NVDgnome/screensaver2.20

▶Debianx.org/xorg-server< 2:1.4.1~git20080118-1+3

Patches

Patch: secunia.com ↗Patch: www.securityfocus.com ↗Patch: www.ubuntu.com ↗

🔴Vulnerability Details

GHSA

GHSA-pq79-5jg4-62p2: GNOME screensaver 2↗2022-05-01

▶

OSV

CVE-2007-3920: GNOME screensaver 2↗2007-10-29

▶

CVEList

CVE-2007-3920: GNOME screensaver 2↗2007-10-29

▶

📋Vendor Advisories

Red Hat

compiz-fusion: Possible locked desktop access by using Expo plugin mouse shortcuts↗2008-07-09

▶

Ubuntu

Compiz vulnerability↗2007-11-02

▶

Ubuntu

gnome-screensaver vulnerability↗2007-10-23

▶

Red Hat

gnome-screensaver loses keyboard grab when running under compiz↗2007-10-19

▶

Debian

CVE-2007-3920: gnome-screensaver - GNOME screensaver 2.20 in Ubuntu 7.10, when used with Compiz, does not properly ...↗2007

▶

💬Community

Bugzilla

CVE-2008-6514 compiz-fusion: Possible locked desktop access by using Expo plugin mouse shortcuts↗2009-03-24

▶

Bugzilla

CVE-2007-3920 gnome-screensaver loses keyboard grab when running under compiz [F8]↗2007-11-01

▶

Bugzilla

CVE-2007-3920 gnome-screensaver loses keyboard grab when running under compiz [FC6]↗2007-10-29

▶

Bugzilla

CVE-2007-3920 gnome-screensaver loses keyboard grab when running under compiz [Fdevel]↗2007-10-29

▶

Bugzilla

CVE-2007-3920 gnome-screensaver loses keyboard grab when running under compiz [F7]↗2007-10-29

▶