| Vulnerability Name: | CVE-2009-3851 (CCN-54066) | ||||||||
| Assigned: | 2009-10-29 | ||||||||
| Published: | 2009-10-29 | ||||||||
| Updated: | 2017-09-19 | ||||||||
| Summary: | Trusted Extensions in Sun Solaris 10 interferes with the operation of the xscreensaver-demo command for the XScreenSaver application, which makes it easier for physically proximate attackers to access an unattended workstation for which the intended screen locking did not occur, related to the "restart daemon." | ||||||||
| CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||||
| CVSS v2 Severity: | 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C) 5.3 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
1.4 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||
| References: | Source: MITRE Type: CNA CVE-2009-3851 Source: CCN Type: SA37224 Sun Solaris Trusted Extensions XScreenSaver Security Bypass Source: CONFIRM Type: Patch http://sunsolve.sun.com/search/document.do?assetkey=1-21-120094-28-1 Source: CCN Type: Sun Alert ID: 270809 Security Vulnerability in Solaris Trusted Extensions may Prevent XScreenSaver (xscreensaver(1)) From Running Source: SUNALERT Type: Vendor Advisory 270809 Source: CCN Type: OSVDB ID: 59703 Solaris Trusted Extensions XScreenSaver xscreensaver-demo Command Restart Daemon Security Control Bypass Source: CCN Type: BID-36891 Sun Solaris 'xscreensaver(1)' From JDS Local Information Disclosure Vulnerability Source: XF Type: UNKNOWN sol-xscreensaver-trustedextensions-info-disc(54066) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:6845 | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| Oval Definitions | |||||||||
| |||||||||
| BACK | |||||||||