CVE-2007-6389 — Screensaver vulnerability

8 documents8 sources

Severity

2.1LOWNVD

EPSS

0.1%

top 76.78%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Gnome Screensaver

Timeline

PublishedDec 17

Latest updateMay 1

Description

The notify feature in GNOME screensaver (gnome-screensaver) 2.20.0 might allow local users to read the clipboard contents and X selection data for a locked session by using ctrl-V.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

▶NVDgnome/screensaver2.20

🔴Vulnerability Details

GHSA

GHSA-qp6p-hvgc-rmqv: The notify feature in GNOME screensaver (gnome-screensaver) 2↗2022-05-01

▶

OSV

CVE-2007-6389: The notify feature in GNOME screensaver (gnome-screensaver) 2↗2007-12-17

▶

CVEList

CVE-2007-6389: The notify feature in GNOME screensaver (gnome-screensaver) 2↗2007-12-17

▶

📋Vendor Advisories

Ubuntu

gnome-screensaver vulnerabilities↗2008-11-11

▶

Red Hat

gnome-screensaver clipboard content leak↗2007-12-12

▶

Debian

CVE-2007-6389: gnome-screensaver - The notify feature in GNOME screensaver (gnome-screensaver) 2.20.0 might allow l...↗2007

▶

💬Community

Bugzilla

CVE-2007-6389 gnome-screensaver clipboard content leak↗2007-12-12

▶