CVE-2007-3920

Sažetak

GNOME screensaver 2.20 in Ubuntu 7.10, when used with Compiz, does not properly reserve input focus, which allows attackers with physical access to take control of the session after entering an Alt-Tab sequence, a related issue to CVE-2007-3069.

Reference

http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00002.html
http://secunia.com/advisories/27381
http://secunia.com/advisories/28627
http://secunia.com/advisories/30329
http://secunia.com/advisories/30715
http://www.redhat.com/support/errata/RHSA-2008-0485.html
http://www.securityfocus.com/bid/26188
http://www.ubuntu.com/usn/usn-537-1
http://www.ubuntu.com/usn/usn-537-2
https://bugzilla.redhat.com/show_bug.cgi?id=357071
https://bugzilla.redhat.com/show_bug.cgi?id=363061
https://exchange.xforce.ibmcloud.com/vulnerabilities/37410
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10192
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00811.html
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00841.html

CVSS

Base:	6.2
Impact:	10.0
Exploitability:	1.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:H/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

29-09-2017 - 01:29

Objavljeno

29-10-2007 - 21:46