369 matches found
CVE-2009-4997
gnome-power-manager 2.27.92 does not properly implement the lockonsuspend and lockonhibernate settings for locking the screen when the suspend or hibernate button is pressed, which might make it easier for physically proximate attackers to access an unattended laptop via a resume action, a relate...
PT-2010-1799 · Xfce · Xfce4-Session
Name of the Vulnerable Software and Affected Versions: Xfce4-session version 4.5.91 Description: The issue concerns Xfce4-session not locking the screen when the suspend or hibernate button is pressed. This could potentially allow physically proximate attackers to access an unattended laptop via ...
CVE-2010-2532
lxsession-logout in lxsession in LXDE, as used on SUSE openSUSE 11.3 and other platforms, does not lock the screen when the Suspend or Hibernate button is pressed, which might make it easier for physically proximate attackers to access an unattended laptop via a resume action. NOTE: there is no...
CVE-2010-2532
CVE-2010-2532 affects lxsession-logout in lxsession (LXDE) as used on openSUSE 11.3 and similar setups. The flaw is that suspend/hibernate button presses do not lock the screen, potentially enabling physically proximate attackers to resume and access the unattended system. Connected advisories ti...
CVE-2010-2532
lxsession-logout in lxsession in LXDE, as used on SUSE openSUSE 11.3 and other platforms, does not lock the screen when the Suspend or Hibernate button is pressed, which might make it easier for physically proximate attackers to access an unattended laptop via a resume action. NOTE: there is no...
PT-2010-4085 · Lxde · Lxsession
Name of the Vulnerable Software and Affected Versions: lxsession versions in LXDE, as used on SUSE openSUSE 11.3 and other platforms Description: The issue concerns the behavior of lxsession-logout in LXDE when the Suspend or Hibernate button is pressed. It does not lock the screen, which might...
ATOK screen lock bypass vulnerability
Overview ATOK from JustSystems Corporation contains a screen lock bypass vulnerability. ATOK from JustSystems Corporation is a software for Japanese Kana-Kanji conversion. ATOK contains an issue with the restriction of launching external applications, which may lead to a screen lock bypass...
CVE-2010-0732
gdk/gdkwindow.c in GTK+ before 2.18.5, as used in gnome-screensaver before 2.28.1, performs implicit paints on windows of type GDKWINDOWFOREIGN, which triggers an X error in certain circumstances and consequently allows physically proximate attackers to bypass screen locking and access an...
DEBIAN-CVE-2010-0732
gdk/gdkwindow.c in GTK+ before 2.18.5, as used in gnome-screensaver before 2.28.1, performs implicit paints on windows of type GDKWINDOWFOREIGN, which triggers an X error in certain circumstances and consequently allows physically proximate attackers to bypass screen locking and access an...
CVE-2010-0732
The CVE-2010-0732 issue affects GTK+ up to 2.18.5 (as used in gnome-screensaver up to 2.28.1). It arises from implicit paints on GDK_WINDOW_FOREIGN windows, triggering an X error that can allow physically proximate attackers to bypass screen locking by repeatedly pressing Enter. Affected componen...
PT-2010-2479 · Gtk+ Team +1 · Gtk+ +1
Name of the Vulnerable Software and Affected Versions: GTK+ versions prior to 2.18.5 gnome-screensaver versions prior to 2.28.1 Description: The issue allows physically proximate attackers to bypass screen locking and access an unattended workstation by pressing the Enter key many times, due to...
DEBIAN-CVE-2010-0414
gnome-screensaver before 2.28.2 allows physically proximate attackers to bypass screen locking and access an unattended workstation by moving the mouse position to an external monitor and then disconnecting that monitor...
CVE-2010-0414
CVE-2010-0414 concerns gnome-screensaver, with vulnerable versions prior to 2.28.2. When the screen is locked, a physically proximate attacker can bypass the lock by moving the mouse to an external monitor and then disconnecting that monitor, potentially gaining access to an unattended workstatio...
CVE-2010-0414
gnome-screensaver before 2.28.2 allows physically proximate attackers to bypass screen locking and access an unattended workstation by moving the mouse position to an external monitor and then disconnecting that monitor...
CVE-2010-0414
gnome-screensaver before 2.28.2 allows physically proximate attackers to bypass screen locking and access an unattended workstation by moving the mouse position to an external monitor and then disconnecting that monitor...
DEBIAN-CVE-2010-0014
System Security Services Daemon SSSD before 1.0.1, when the krb5 authprovider is configured but the KDC is unreachable, allows physically proximate attackers to authenticate, via an arbitrary password, to the screen-locking program on a workstation that has any user's Kerberos ticket-granting...
Ubuntu 9.10 : gnome-screensaver vulnerability (USN-866-1)
It was discovered that gnome-screensaver did not always re-enable itself after applications requested it to ignore idle timers. This may result in the screen not being automatically locked after the inactivity timeout is reached, permitting an attacker with physical access to gain access to an...
USN-866-1: gnome-screensaver vulnerability
It was discovered that gnome-screensaver did not always re-enable itself after applications requested it to ignore idle timers. This may result in the screen not being automatically locked after the inactivity timeout is reached, permitting an attacker with physical access to gain access to an...
Design/Logic Flaw
Unspecified vulnerability in xscreensaver in Sun Solaris 10, and OpenSolaris before snv112, when Xorg or Xnewt is used and RandR is enabled, allows physically proximate attackers to read a locked screen via unknown vectors related to XRandR resize events...
JVN#57040664 ATOK screen lock bypass vulnerability
ATOK from JustSystems Corporation is a software for Japanese Kana-Kanji conversion. ATOK contains an issue with the restriction of launching external applications, which may lead to a screen lock bypass vulnerability. Impact An attacker could execute arbitrary code or program with the privileges ...