CVE-2009-4641
Summary
| CVE | CVE-2009-4641 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2010-02-11 21:30:00 UTC |
| Updated | 2010-07-07 04:00:00 UTC |
| Description | gnome-screensaver 2.28.0 does not resume adherence to its activation settings after an inhibiting application becomes unavailable on the session bus, which allows physically proximate attackers to access an unattended workstation on which screen locking had been intended. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Gnome | Screensaver | 2.28.0 | All | All | All |
| Application | Gnome | Screensaver | 2.28.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Bug #411350 “gnome-screensaver not functioning” : Bugs : “gnome-screensaver” package : Ubuntu | CONFIRM | launchpad.net | |
| Bug 600488 – Totem is leaking session inhibitors | CONFIRM | bugzilla.gnome.org | Patch |
| Support / Security / Advisories / / MDVSA-2010:040 | Mandriva | MANDRIVA | www.mandriva.com | |
| USN-866-1: gnome-screensaver vulnerability | Ubuntu | UBUNTU | www.ubuntu.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
| Organization | Published | Contributor | Statement |
|---|---|---|---|
| Red Hat | 2010-03-17 | Vincent Danen | Not vulnerable. This issue did not affect the versions of gnome-screensaver as shipped with Red Hat Enterprise Linux 5. |
There are currently no legacy QID mappings associated with this CVE.