Vulnerability Details : CVE-2009-3746

XScreenSaver in Sun Solaris 10, when the accessibility feature is enabled, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, a different vulnerability than CVE-2009-1276 and CVE-2009-2711.

Published 2009-10-22 16:30:00

Updated 2017-09-19 01:29:45

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2009-3746

Probability of exploitation activity in the next 30 days: 0.05%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 19 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2009-3746

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
1.9	LOW	AV:L/AC:M/Au:N/C:P/I:N/A:N	3.4	2.9	[email protected]
Access Vector: Local Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

CWE ids for CVE-2009-3746

CWE-16

Assigned by: [email protected] (Primary)

References for CVE-2009-3746

http://sunsolve.sun.com/search/document.do?assetkey=1-21-120094-29-1

Patch;Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-66-268288-1

Patch;Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6644

Products affected by CVE-2009-3746

SUN » Solaris » Version: 10 X86 Edition
cpe:2.3:o:sun:solaris:10:*:x86:*:*:*:*:*
Matching versions
SUN » Solaris » Version: 10 Sparc Edition
cpe:2.3:o:sun:solaris:10:*:sparc:*:*:*:*:*
Matching versions