Lucene search

PRIOn knowledge basePRION:CVE-2013-1050

HistoryMar 08, 2013 - 10:55 p.m.

Default configuration

2013-03-0822:55:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

23.3%

JSON

The default configuration in gnome-screensaver 3.5.4 through 3.6.0 sets the AutostartCondition line to fallback mode in the .desktop file, which prevents the program from starting automatically after login and allows physically proximate attackers to bypass screen locking and access an unattended workstation.

CPENameOperatorVersion
gnome_screensavereq3.5.4
gnome_screensavereq3.6.0
gnome_screensavereq3.5.5

Name	Operator	Version
gnome_screensaver	eq	3.5.4
gnome_screensaver	eq	3.6.0
gnome_screensaver	eq	3.5.5

References

www.ubuntu.com/usn/USN-1716-1

bugs.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/1120126

bugzilla.gnome.org/show_bug.cgi?id=683060

git.gnome.org/browse/gnome-screensaver/commit/?id=1940dc6bc8ad5ee2c029714efb1276c05ca80bd4

6.9 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

23.3%

JSON

Related for PRION:CVE-2013-1050