{"api_version":"1","generated_at":"2026-04-23T08:38:32+00:00","cve":"CVE-2009-4641","urls":{"html":"https://cve.report/CVE-2009-4641","api":"https://cve.report/api/cve/CVE-2009-4641.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2009-4641","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2009-4641"},"summary":{"title":"CVE-2009-4641","description":"gnome-screensaver 2.28.0 does not resume adherence to its activation settings after an inhibiting application becomes unavailable on the session bus, which allows physically proximate attackers to access an unattended workstation on which screen locking had been intended.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2010-02-11 21:30:00","updated_at":"2010-07-07 04:00:00"},"problem_types":["NVD-CWE-Other"],"metrics":[],"references":[{"url":"https://launchpad.net/bugs/411350","name":"https://launchpad.net/bugs/411350","refsource":"CONFIRM","tags":[],"title":"Bug #411350 “gnome-screensaver not functioning” : Bugs : “gnome-screensaver” package : Ubuntu","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugzilla.gnome.org/show_bug.cgi?id=600488","name":"https://bugzilla.gnome.org/show_bug.cgi?id=600488","refsource":"CONFIRM","tags":["Patch"],"title":"Bug 600488 – Totem is leaking session inhibitors","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:040","name":"MDVSA-2010:040","refsource":"MANDRIVA","tags":[],"title":"Support / Security / Advisories /  / MDVSA-2010:040 | Mandriva","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.ubuntu.com/usn/USN-866-1","name":"USN-866-1","refsource":"UBUNTU","tags":[],"title":"USN-866-1: gnome-screensaver vulnerability | Ubuntu","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2009-4641","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-4641","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2009","cve_id":"4641","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"screensaver","cpe6":"2.28.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4641","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"screensaver","cpe6":"2.28.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[{"cvename":"CVE-2009-4641","organization":"Red Hat","lastmodified":"2010-03-17","contributor":"Vincent Danen","statementText":"Not vulnerable. This issue did not affect the versions of gnome-screensaver as shipped with Red Hat Enterprise Linux 5.","cve_year":"2009","cve_id":"4641","crc32":"33739ec4"}],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2009-4641","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"gnome-screensaver 2.28.0 does not resume adherence to its activation settings after an inhibiting application becomes unavailable on the session bus, which allows physically proximate attackers to access an unattended workstation on which screen locking had been intended."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"MDVSA-2010:040","refsource":"MANDRIVA","url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:040"},{"name":"USN-866-1","refsource":"UBUNTU","url":"http://www.ubuntu.com/usn/USN-866-1"},{"name":"https://bugzilla.gnome.org/show_bug.cgi?id=600488","refsource":"CONFIRM","url":"https://bugzilla.gnome.org/show_bug.cgi?id=600488"},{"name":"https://launchpad.net/bugs/411350","refsource":"CONFIRM","url":"https://launchpad.net/bugs/411350"}]}},"nvd":{"publishedDate":"2010-02-11 21:30:00","lastModifiedDate":"2010-07-07 04:00:00","problem_types":["NVD-CWE-Other"],"metrics":{"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE","baseScore":7.2},"severity":"HIGH","exploitabilityScore":3.9,"impactScore":10,"obtainAllPrivilege":true,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:gnome:screensaver:2.28.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2009","CveId":"4641","Ordinal":"42502","Title":"CVE-2009-4641","CVE":"CVE-2009-4641","Year":"2009"},"notes":[{"CveYear":"2009","CveId":"4641","Ordinal":"1","NoteData":"gnome-screensaver 2.28.0 does not resume adherence to its activation settings after an inhibiting application becomes unavailable on the session bus, which allows physically proximate attackers to access an unattended workstation on which screen locking had been intended.","Type":"Description","Title":null},{"CveYear":"2009","CveId":"4641","Ordinal":"2","NoteData":"2010-02-11","Type":"Other","Title":"Published"},{"CveYear":"2009","CveId":"4641","Ordinal":"3","NoteData":"2010-02-24","Type":"Other","Title":"Modified"}]}}}