CVE-2010-0422Screensaver vulnerability

8 documents8 sources
Severity
4.0MEDIUMNVD
CNA7.2OSV7.2
EPSS
0.1%
top 77.13%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Gnome Screensaver
Timeline
PublishedFeb 24
Latest updateMay 2

Description

gnome-screensaver 2.28.x before 2.28.3 does not properly synchronize the state of screen locking and the unlock dialog in situations involving a change to the number of monitors, which allows physically proximate attackers to bypass screen locking and access an unattended workstation by connecting and disconnecting monitors multiple times, a related issue to CVE-2010-0414.

CVSS vector

AV:L/AC:H/C:N/I:C/A:NExploitability: 1.9 | Impact: 6.9

Affected Packages1 packages

NVDgnome/screensaver2.28.0, 2.28.1, 2.28.2+2

🔴Vulnerability Details

3
GHSA
GHSA-82c2-q9r7-c94r: gnome-screensaver 22022-05-02
CVEList
CVE-2010-0422: gnome-screensaver 22010-02-24
OSV
CVE-2010-0422: gnome-screensaver 22010-02-24

📋Vendor Advisories

3
Ubuntu
gnome-screensaver vulnerabilities2010-03-08
Red Hat
gnome-screensaver: loses its unlock dialog and keyboard grab sometimes when plugging and unplugging monitor repeatedly2010-02-12
Debian
CVE-2010-0422: gnome-screensaver - gnome-screensaver 2.28.x before 2.28.3 does not properly synchronize the state o...2010

💬Community

1
Bugzilla
CVE-2010-0422 gnome-screensaver: loses its unlock dialog and keyboard grab sometimes when plugging and unplugging monitor repeatedly2010-02-12
CVE-2010-0422 — Gnome Screensaver vulnerability | cvebase