CVE-2008-1356Improper Authentication in Solaris

CWE-287Improper Authentication4 documents4 sources
Severity
6.3MEDIUMNVD
EPSS
0.0%
top 89.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
SUN Solaris
Timeline
PublishedMar 17
Latest updateMay 1

Description

Unspecified vulnerability in xscreensaver in Sun Solaris 10 Java Desktop System (JDS), when using the GNOME On-Screen Keyboard (GOK), allows local users to bypass authentication via unknown vectors that cause the screen saver to crash.

CVSS vector

AV:L/AC:M/C:N/I:C/A:CExploitability: 3.4 | Impact: 9.2

Affected Packages1 packages

NVDsun/solaris10

Patches

Patch: sunsolve.sun.comPatch: sunsolve.sun.com

🔴Vulnerability Details

2
GHSA
GHSA-97cv-x3q8-67h7: Unspecified vulnerability in xscreensaver in Sun Solaris 10 Java Desktop System (JDS), when using the GNOME On-Screen Keyboard (GOK), allows local use2022-05-01
CVEList
CVE-2008-1356: Unspecified vulnerability in xscreensaver in Sun Solaris 10 Java Desktop System (JDS), when using the GNOME On-Screen Keyboard (GOK), allows local use2008-03-17

💥Exploits & PoCs

1
Exploit-DB
EO Video 1.36 - Playlist Overwrite (SEH)2009-03-09
CVE-2008-1356 — Improper Authentication in SUN Solaris | cvebase