Vulnerability Description
xscreensaver 5.03 and earlier, when running without xscreensaver-gl-extras (GL extras) installed, crashes when /usr/bin/xscreensaver-gl-helper does not exist and a user attempts to unlock the screen, which allows attackers with physical access to gain access to the locked session.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xscreensaver | Xscreensaver | 5.03 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/27392
- http://www.securityfocus.com/bid/26204
- https://bugzilla.redhat.com/show_bug.cgi?id=336331
- https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00336.ht
- http://secunia.com/advisories/27392
- http://www.securityfocus.com/bid/26204
- https://bugzilla.redhat.com/show_bug.cgi?id=336331
- https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00336.ht
FAQ
What is CVE-2007-5585?
CVE-2007-5585 is a vulnerability with a CVSS score of 5.0 (MEDIUM). xscreensaver 5.03 and earlier, when running without xscreensaver-gl-extras (GL extras) installed, crashes when /usr/bin/xscreensaver-gl-helper does not exist and a user attempts to unlock the screen, ...
How severe is CVE-2007-5585?
CVE-2007-5585 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-5585?
Check the references section above for vendor advisories and patch information. Affected products include: Xscreensaver Xscreensaver.