CVE-2013-1050

Published: 12 February 2013

The default configuration in gnome-screensaver 3.5.4 through 3.6.0 sets the AutostartCondition line to fallback mode in the .desktop file, which prevents the program from starting automatically after login and allows physically proximate attackers to bypass screen locking and access an unattended workstation.

Notes

Author	Note
mdeslaur	only affects quantal+

Priority

Status

Package	Release	Status
gnome-screensaver Launchpad, Ubuntu, Debian	hardy	Ignored (end of life)
	lucid	Not vulnerable
	oneiric	Not vulnerable
	precise	Not vulnerable
	quantal	Released (3.6.0-0ubuntu2.1)
	upstream	Needs triage

References

https://ubuntu.com/security/notices/USN-1716-1
https://www.cve.org/CVERecord?id=CVE-2013-1050
NVD
Launchpad
Debian

Bugs

https://launchpad.net/bugs/1120126

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›