CVE-2009-2711Sensitive Information Exposure in Opensolaris

CWE-200Sensitive Information Exposure4 documents4 sources
Severity
4.9MEDIUMNVD
CNA2.1
EPSS
0.1%
top 78.60%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
SUN OpensolarisSUN SolarisX.org X11
Timeline
PublishedAug 7
Latest updateMay 2

Description

XScreenSaver in Sun Solaris 9 and 10, OpenSolaris before snv_120, and X11 6.4.1 for Solaris 8, when the Xorg or Xnewt server is used, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, a different vulnerability than CVE-2009-1276.

CVSS vector

AV:L/AC:L/C:C/I:N/A:NExploitability: 3.9 | Impact: 6.9

Affected Packages3 packages

NVDsun/opensolaris119 versions+118
NVDsun/solaris10, 8.0, 9.0+2
NVDx.org/x116.4.1

Patches

Patch: sunsolve.sun.comPatch: sunsolve.sun.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-xxfr-xhcv-m89f: XScreenSaver in Sun Solaris 9 and 10, OpenSolaris before snv_120, and X11 62022-05-02
CVEList
CVE-2009-2711: XScreenSaver in Sun Solaris 9 and 10, OpenSolaris before snv_120, and X11 62009-08-07

💬Community

1
Bugzilla
CVE-2006-7250 openssl: mime_hdr_cmp NULL dereference crash2012-02-28
CVE-2009-2711 — Sensitive Information Exposure | cvebase