CVE-2007-3920

Published: 29 October 2007

GNOME screensaver 2.20 in Ubuntu 7.10, when used with Compiz, does not properly reserve input focus, which allows attackers with physical access to take control of the session after entering an Alt-Tab sequence, a related issue to CVE-2007-3069.

Priority

Status

Package	Release	Status
compiz Launchpad, Ubuntu, Debian	gutsy	Released (1:0.6.0+git20071008-0ubuntu1.1)
compiz Launchpad, Ubuntu, Debian	upstream	Released (0.6.2+git20071119)
gnome-screensaver Launchpad, Ubuntu, Debian	dapper	Not vulnerable
	edgy	Not vulnerable
	feisty	Not vulnerable
	gutsy	Released (2.20.0-0ubuntu4.2)
	upstream	Released (2.20.0-0ubuntu5)

References

https://ubuntu.com/security/notices/USN-537-1
https://ubuntu.com/security/notices/USN-537-2
https://www.cve.org/CVERecord?id=CVE-2007-3920
NVD
Launchpad
Debian

Bugs

https://launchpad.net/bugs/145123
http://bugzilla.gnome.org/show_bug.cgi?id=488264

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›