CVE-2013-1050

EUVD-2013-1090
The default configuration in gnome-screensaver 3.5.4 through 3.6.0 sets the AutostartCondition line to fallback mode in the .desktop file, which prevents the program from starting automatically after login and allows physically proximate attackers to bypass screen locking and access an unattended workstation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 15%
Affected Products (NVD)
VendorProductVersion
gnomegnome_screensaver
3.5.4
gnomegnome_screensaver
3.5.5
gnomegnome_screensaver
3.6.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
gnome-screensaver
bookworm
3.6.1-13
fixed
bullseye
3.6.1-13
fixed
sid
3.6.1-13
fixed
trixie
3.6.1-13
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
gnome-screensaver
hardy
ignored
lucid
not-affected
oneiric
not-affected
precise
not-affected
quantal
Fixed 3.6.0-0ubuntu2.1
released
Common Weakness Enumeration
References
http://www.ubuntu.com/usn/USN-1716-1
https://bugs.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/1120126
https://bugzilla.gnome.org/show_bug.cgi?id=683060
https://git.gnome.org/browse/gnome-screensaver/commit/?id=1940dc6bc8ad5ee2c029714efb1276c05ca80bd4
http://www.ubuntu.com/usn/USN-1716-1
https://bugs.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/1120126
https://bugzilla.gnome.org/show_bug.cgi?id=683060
https://git.gnome.org/browse/gnome-screensaver/commit/?id=1940dc6bc8ad5ee2c029714efb1276c05ca80bd4