CVE-2009-4996

EUVD-2009-4958
Xfce4-session 4.5.91 in Xfce does not lock the screen when the suspend or hibernate button is pressed, which might make it easier for physically proximate attackers to access an unattended laptop via a resume action, a related issue to CVE-2010-2532.  NOTE: there is no general agreement that this is a vulnerability, because separate control over locking can be an equally secure, or more secure, behavior in some threat environments
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 36%
Affected Products (NVD)
VendorProductVersion
xfcexfce
4.6:beta1
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
xfce4-session
dapper
ignored
hardy
ignored
jaunty
ignored
karmic
ignored
lucid
ignored
maverick
ignored
natty
ignored
oneiric
ignored
precise
ignored
Common Weakness Enumeration
References
http://bugzilla.xfce.org/show_bug.cgi?id=4805
https://bugzilla.redhat.com/show_bug.cgi?id=525395
https://bugzilla.redhat.com/show_bug.cgi?id=587633
https://bugzilla.redhat.com/show_bug.cgi?id=614608
http://bugzilla.xfce.org/show_bug.cgi?id=4805
https://bugzilla.redhat.com/show_bug.cgi?id=525395
https://bugzilla.redhat.com/show_bug.cgi?id=587633
https://bugzilla.redhat.com/show_bug.cgi?id=614608