CVE-2009-1276 — Sensitive Information Exposure in Opensolaris

CWE-200 — Sensitive Information Exposure3 documents3 sources

Severity

2.1LOWNVD

EPSS

0.1%

top 81.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN Opensolaris SUN Solaris

Timeline

PublishedApr 9

Latest updateMay 2

Description

XScreenSaver in Sun Solaris 10 and OpenSolaris before snv_109, and Solaris 8 and 9 with GNOME 2.0 or 2.0.2, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, as demonstrated by Thunderbird new-mail notifications.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages2 packages

▶NVDsun/opensolarissnv_108+107

▶NVDsun/solaris10, 8, 9+2

Patches

Patch: sunsolve.sun.com ↗Patch: sunsolve.sun.com ↗Patch: sunsolve.sun.com ↗

🔴Vulnerability Details

GHSA

GHSA-h96c-vv5w-hqpj: XScreenSaver in Sun Solaris 10 and OpenSolaris before snv_109, and Solaris 8 and 9 with GNOME 2↗2022-05-02

▶

CVEList

CVE-2009-1276: XScreenSaver in Sun Solaris 10 and OpenSolaris before snv_109, and Solaris 8 and 9 with GNOME 2↗2009-04-09

▶