Vulnerability Details : CVE-2009-3100
xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 9 and 10, OpenSolaris snv_109 through snv_122, and X11 6.4.1 on Solaris 8 does not properly handle Accessibility support, which allows local users to cause a denial of service (system hang) by locking the screen and then attempting to launch an Accessibility pop-up window, related to a regression in certain Solaris and OpenSolaris patches.
Vulnerability category: Denial of service
Products affected by CVE-2009-3100
- cpe:2.3:o:sun:solaris:10:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:solaris:10:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:solaris:9:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:solaris:9:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:solaris:8:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_109:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_110:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_109:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_110:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_111:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_113:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_112:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_112:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_113:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_115:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_115:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_114:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_114:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_116:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_116:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_111:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_117:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_117:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_118:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_119:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_119:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_118:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_120:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_120:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_121:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_122:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_121:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_122:*:x86:*:*:*:*:*
- cpe:2.3:a:x.org:x11:6.4.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2009-3100
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 11 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2009-3100
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.0
|
MEDIUM | AV:L/AC:H/Au:N/C:N/I:N/A:C |
1.9
|
6.9
|
NIST |
References for CVE-2009-3100
-
http://bugs.opensolaris.org/view_bug.do?bug_id=6839026
Vendor Advisory
-
http://sunsolve.sun.com/search/document.do?assetkey=1-66-266469-1
Patch;Vendor Advisory
Jump to