CVE-2010-0732

gdk/gdkwindow.c in GTK+ before 2.18.5, as used in gnome-screensaver before 2.28.1, performs implicit paints on windows of type GDK_WINDOW_FOREIGN, which triggers an X error in certain circumstances and consequently allows physically proximate attackers to bypass screen locking and access an unattended workstation by pressing the Enter key many times.
Race Condition
Severity: UNKNOWN
AV:L/AC:H/Au:N/C:C/I:C/A:C
Atk. Vector: LOCAL
Atk. Complexity: HIGH
Base Score
CVSS 3.x
EPSS Score
Percentile: 29%
| Vendor | Product | Version |
|---|---|---|
| gnome | gtk | 𝑥 < 2.18.5 |
| gnome | screensaver | 𝑥 < 2.28.1 |

𝑥 = Vulnerable software versions
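Debian Releases

| Debian Product | Codename | Version | Status |
|---|---|---|---|
| gtk+2.0 | bullseye | 2.24.33-2+deb11u1 | fixed |
| gtk+2.0 | lenny | | not-affected |
| gtk+2.0 | etch | | not-affected |
| gtk+2.0 | bookworm | 2.24.33-2+deb12u1 | fixed |
| gtk+2.0 | sid | 2.24.33-6 | fixed |
| gtk+2.0 | trixie | 2.24.33-6 | fixed |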