Vulnerability Description
GNOME screensaver 2.20 in Ubuntu 7.10, when used with Compiz, does not properly reserve input focus, which allows attackers with physical access to take control of the session after entering an Alt-Tab sequence, a related issue to CVE-2007-3069.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu | Ubuntu Linux | 7.10 |
| Compiz | Compiz | All versions |
| Gnome | Screensaver | 2.20 |
References
- http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00002.html
- http://secunia.com/advisories/27381PatchVendor Advisory
- http://secunia.com/advisories/28627
- http://secunia.com/advisories/30329
- http://secunia.com/advisories/30715
- http://www.redhat.com/support/errata/RHSA-2008-0485.html
- http://www.securityfocus.com/bid/26188Patch
- http://www.ubuntu.com/usn/usn-537-1Patch
- http://www.ubuntu.com/usn/usn-537-2
- https://bugzilla.redhat.com/show_bug.cgi?id=357071
- https://bugzilla.redhat.com/show_bug.cgi?id=363061
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37410
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00811.ht
- https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00841.ht
FAQ
What is CVE-2007-3920?
CVE-2007-3920 is a vulnerability with a CVSS score of 6.2 (MEDIUM). GNOME screensaver 2.20 in Ubuntu 7.10, when used with Compiz, does not properly reserve input focus, which allows attackers with physical access to take control of the session after entering an Alt-Ta...
How severe is CVE-2007-3920?
CVE-2007-3920 has been rated MEDIUM with a CVSS base score of 6.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-3920?
Check the references section above for vendor advisories and patch information. Affected products include: Ubuntu Ubuntu Linux, Compiz Compiz, Gnome Screensaver.