CVE-2013-1050

The default configuration in gnome-screensaver 3.5.4 through 3.6.0 sets the AutostartCondition line to fallback mode in the .desktop file, which prevents the program from starting automatically after login and allows physically proximate attackers to bypass screen locking and access an unattended workstation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.2 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:C/I:C/A:C
canonicalCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 15%
VendorProductVersion
gnomegnome_screensaver
3.5.4
gnomegnome_screensaver
3.5.5
gnomegnome_screensaver
3.6.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
gnome-screensaver
sid
3.6.1-13
fixed
trixie
3.6.1-13
fixed
bookworm
3.6.1-13
fixed
bullseye
3.6.1-13
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
gnome-screensaver
quantal
Fixed 3.6.0-0ubuntu2.1
released
precise
not-affected
oneiric
not-affected
lucid
not-affected
hardy
ignored
Common Weakness Enumeration
References
http://www.ubuntu.com/usn/USN-1716-1
https://bugs.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/1120126
https://bugzilla.gnome.org/show_bug.cgi?id=683060
https://git.gnome.org/browse/gnome-screensaver/commit/?id=1940dc6bc8ad5ee2c029714efb1276c05ca80bd4
http://www.ubuntu.com/usn/USN-1716-1
https://bugs.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/1120126
https://bugzilla.gnome.org/show_bug.cgi?id=683060
https://git.gnome.org/browse/gnome-screensaver/commit/?id=1940dc6bc8ad5ee2c029714efb1276c05ca80bd4