Vulnerability Description
gnome-screensaver 2.28.0 does not resume adherence to its activation settings after an inhibiting application becomes unavailable on the session bus, which allows physically proximate attackers to access an unattended workstation on which screen locking had been intended.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gnome | Screensaver | 2.28.0 |
References
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:040
- http://www.ubuntu.com/usn/USN-866-1
- https://bugzilla.gnome.org/show_bug.cgi?id=600488Patch
- https://launchpad.net/bugs/411350
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:040
- http://www.ubuntu.com/usn/USN-866-1
- https://bugzilla.gnome.org/show_bug.cgi?id=600488Patch
- https://launchpad.net/bugs/411350
FAQ
What is CVE-2009-4641?
CVE-2009-4641 is a vulnerability with a CVSS score of 7.2 (HIGH). gnome-screensaver 2.28.0 does not resume adherence to its activation settings after an inhibiting application becomes unavailable on the session bus, which allows physically proximate attackers to acc...
How severe is CVE-2009-4641?
CVE-2009-4641 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-4641?
Check the references section above for vendor advisories and patch information. Affected products include: Gnome Screensaver.