 |
|
|
|
Обход защиты gnome-screensaver
дополнено с 16 февраля 2010 г. | | Опубликовано: |  | 9 марта 2010 г. | | Источник: |  | BUGTRAQ | | SecurityVulns ID: |  | 10622 | | Тип: |  | локальная | | Опасность: |  | 5/10 | | Описание: |  | Отказ скринсейвера при подключении монитора. |
| Затронутые продукты: |  | GNOME : gnome-screensaver 2.28 | | CVE: |  | CVE-2010-0732 (gdk/gdkwindow.c in GTK+ before 2.18.5, as used in gnome-screensaver before 2.28.1, performs implicit paints on windows of type GDK_WINDOW_FOREIGN, which triggers an X error in certain circumstances and consequently allows physically proximate attackers to bypass screen locking and access an unattended workstation by pressing the Enter key many times.) | | | | CVE-2010-0422 (gnome-screensaver 2.28.x before 2.28.3 does not properly synchronize the state of screen locking and the unlock dialog in situations involving a change to the number of monitors, which allows physically proximate attackers to bypass screen locking and access an unattended workstation by connecting and disconnecting monitors multiple times, a related issue to CVE-2010-0414.) | | | | CVE-2010-0414 (gnome-screensaver before 2.28.2 allows physically proximate attackers to bypass screen locking and access an unattended workstation by moving the mouse position to an external monitor and then disconnecting that monitor.) | | | | CVE-2010-0285 (gnome-screensaver 2.14.3, 2.22.2, 2.27.x, 2.28.0, and 2.28.3, when the X configuration enables the extend screen option, allows physically proximate attackers to bypass screen locking, access an unattended workstation, and view half of the GNOME desktop by attaching an external monitor.) |
|
|
|
|
|
|
|
|
