CVE-2009-3100 — MEDIUM (4.0)

Vulnerability Description

xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 9 and 10, OpenSolaris snv_109 through snv_122, and X11 6.4.1 on Solaris 8 does not properly handle Accessibility support, which allows local users to cause a denial of service (system hang) by locking the screen and then attempting to launch an Accessibility pop-up window, related to a regression in certain Solaris and OpenSolaris patches.

CVSS Score

4.0

MEDIUM

AV:L/AC:H/Au:N/C:N/I:N/A:C

Confidentiality

NONE

Integrity

NONE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Sun	Opensolaris	snv_109
Sun	Solaris	9
X.Org	X11	6.4.1

References

http://bugs.opensolaris.org/view_bug.do?bug_id=6839026Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-66-266469-1PatchVendor Advisory
http://bugs.opensolaris.org/view_bug.do?bug_id=6839026Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-66-266469-1PatchVendor Advisory

FAQ

What is CVE-2009-3100?

CVE-2009-3100 is a vulnerability with a CVSS score of 4.0 (MEDIUM). xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 9 and 10, OpenSolaris snv_109 through snv_122, and X11 6.4.1 on Solaris 8 does not properly handle Accessibility support, which allows local users ...

How severe is CVE-2009-3100?

CVE-2009-3100 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2009-3100?

Check the references section above for vendor advisories and patch information. Affected products include: Sun Opensolaris, Sun Solaris, X.Org X11.