Lucene search

[email protected]CVE-2010-0923

HistoryOct 03, 2022 - 4:21 p.m.

CVE-2010-0923

2022-10-0316:21:11

CWE-362

[email protected]

web.nvd.nist.gov

kde

sc 4.4.0

krunner

race condition

screen locking

security vulnerability

cve-2010-0923

6.7 Medium

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0005 Low

EPSS

Percentile

16.8%

JSON

Race condition in workspace/krunner/lock/lockdlg.cc in the KRunner lock module in kdebase in KDE SC 4.4.0 allows physically proximate attackers to bypass KScreenSaver screen locking and access an unattended workstation by pressing the Enter key at a certain time, related to multiple forked processes.

Affected configurations

NVD

Node

kdekde_scMatch4.4.0

CPENameOperatorVersion
kde:kde_sckde kde sceq4.4.0

CPE	Name	Operator	Version
kde:kde_sc	kde kde sc	eq	4.4.0

References

bugs.kde.org/show_bug.cgi?id=226449

marc.info/?l=oss-security&m=126598163422670&w=2

marc.info/?l=oss-security&m=126599909614401&w=2

marc.info/?l=oss-security&m=126600468622421&w=2

secunia.com/advisories/38600

securitytracker.com/id?1023641

websvn.kde.org/?revision=1089213&view=revision

websvn.kde.org/?view=revision&revision=1089241

websvn.kde.org/trunk/KDE/kdebase/workspace/krunner/lock/lockdlg.cc?r1=1089213&r2=1089212&pathrev=1089213

www.kde.org/info/security/advisory-20100217-1.txt

www.openwall.com/lists/oss-security/2010/02/17/3

www.vupen.com/english/advisories/2010/0409

bugs.kde.org/show_bug.cgi?id=217882

bugzilla.novell.com/show_bug.cgi?id=579280

6.7 Medium

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0005 Low

EPSS

Percentile

16.8%

JSON

Related for CVE-2010-0923

prion1 cvelist1 ubuntucve1 nvd1