Vulnerability Name: | CVE-2007-3283 (CCN-13299) | ||||||||
Assigned: | 2003-09-25 | ||||||||
Published: | 2003-09-25 | ||||||||
Updated: | 2017-10-11 | ||||||||
Summary: | GNOME XScreenSaver in Sun Solaris 8 and 9 before 20070417, when root is logged into the console, does not automatically lock the screen after a session has been inactive, which might allow physically proximate attackers to access the console. | ||||||||
CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
CVSS v2 Severity: | 6.8 Medium (CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Other | ||||||||
References: | Source: MITRE Type: CNA CVE-2007-3283 Source: OSVDB Type: UNKNOWN 36586 Source: CCN Type: Sun Alert ID: 56720 GNOME 2.0 XScreenSaver Will Not Lock as Root Source: CCN Type: Sun Alert ID: 101338 (formerly 56720) GNOME 2.0 XScreenSaver Will Not Lock as Root Source: SUNALERT Type: Patch, Vendor Advisory 101338 Source: MISC Type: UNKNOWN http://www.jwz.org/xscreensaver/faq.html#root-lock Source: CCN Type: OSVDB ID: 36586 Solaris GNOME Session xscreensaver Local Session Hijacking Source: XF Type: UNKNOWN gnome-xscreensaver-lock-fail(13299) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:2037 | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||
Oval Definitions | |||||||||
| |||||||||
BACK |