slock 'XRaiseWindow()' Local Security Bypass Vulnerability

Bugtraq ID:	52922
Class:	Design Error
CVE:	CVE-2012-1620
Remote:	No
Local:	Yes
Published:	Apr 06 2012 12:00AM
Updated:	Dec 16 2014 06:57AM
Credit:	Longpoke in a Gentoo bug
Vulnerable:	suckless.org slock 0.9 Gentoo Linux
Not Vulnerable:

slock 'XRaiseWindow()' Local Security Bypass Vulnerability

slock is prone to a local security-bypass vulnerability.

Attackers can exploit this issue to bypass security restrictions and perform unauthorized actions.

slock 'XRaiseWindow()' Local Security Bypass Vulnerability

An exploit is available; please see references for more information.

slock 'XRaiseWindow()' Local Security Bypass Vulnerability

Solution:
The vendor has fixed the issue in the repository. Please see the references for more information.

slock 'XRaiseWindow()' Local Security Bypass Vulnerability

References:

• Bug 401645 - (CVE-2012-1620) (Longpoke)
  
• slock Homepage (suckless.org )