CVE-2010-0414

Published: 10 February 2010

gnome-screensaver before 2.28.2 allows physically proximate attackers to bypass screen locking and access an unattended workstation by moving the mouse position to an external monitor and then disconnecting that monitor.

Notes

Author	Note
mdeslaur	2.28 and 2.29 only, fixed in 2.29.90

Priority

Status

Package	Release	Status
gnome-screensaver Launchpad, Ubuntu, Debian	dapper	Ignored (end of life)
	hardy	Not vulnerable (2.22.2-0ubuntu1)
	intrepid	Not vulnerable (2.24.0-0ubuntu2)
	jaunty	Not vulnerable (2.24.0-0ubuntu6)
	karmic	Released (2.28.0-0ubuntu3.4)
	upstream	Needs triage
	Patches: upstream: http://git.gnome.org/browse/gnome-screensaver/commit/?id=a5f66339be6719c2b8fc478a1d5fc6545297d950

References

https://ubuntu.com/security/notices/USN-898-1
https://www.cve.org/CVERecord?id=CVE-2010-0414
NVD
Launchpad
Debian

Bugs

https://bugzilla.gnome.org/show_bug.cgi?id=609337

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›