CVE-2009-4642

gnome-screensaver 2.26.1 relies on the gnome-session D-Bus interface to determine session idle time, even when an Xfce desktop such as Xubuntu or Mythbuntu is used, which allows physically proximate attackers to access an unattended workstation on which screen locking had been intended.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.2 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 37%
VendorProductVersion
gnomescreensaver
2.26.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
gnome-screensaver
sid
3.6.1-13
fixed
trixie
3.6.1-13
fixed
bookworm
3.6.1-13
fixed
bullseye
3.6.1-13
fixed
lenny
not-affected
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
gnome-screensaver
oneiric
not-affected
natty
not-affected
maverick
not-affected
lucid
not-affected
karmic
not-affected
jaunty
not-affected
intrepid
not-affected
hardy
not-affected
dapper
not-affected
xfce4-session
oneiric
not-affected
natty
not-affected
maverick
not-affected
lucid
not-affected
karmic
ignored
jaunty
ignored
intrepid
ignored
hardy
ignored
dapper
ignored
References
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=536381
http://bugzilla.xfce.org/show_bug.cgi?id=5927
https://bugzilla.gnome.org/show_bug.cgi?id=592093
https://launchpad.net/bugs/411350
https://launchpad.net/bugs/493573
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=536381
http://bugzilla.xfce.org/show_bug.cgi?id=5927
https://bugzilla.gnome.org/show_bug.cgi?id=592093
https://launchpad.net/bugs/411350
https://launchpad.net/bugs/493573