Vulnerability Details : CVE-2010-0285
gnome-screensaver 2.14.3, 2.22.2, 2.27.x, 2.28.0, and 2.28.3, when the X configuration enables the extend screen option, allows physically proximate attackers to bypass screen locking, access an unattended workstation, and view half of the GNOME desktop by attaching an external monitor.
Products affected by CVE-2010-0285
- cpe:2.3:a:gnome:screensaver:2.28.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:screensaver:2.28.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:screensaver:2.22.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:screensaver:2.27:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:screensaver:2.14.3:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2010-0285
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 25 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2010-0285
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.6
|
MEDIUM | AV:L/AC:H/Au:N/C:C/I:C/A:N |
1.9
|
9.2
|
NIST |
References for CVE-2010-0285
-
https://bugzilla.redhat.com/show_bug.cgi?id=557525
557525 – (CVE-2010-0285) CVE-2010-0285 gnome-screensaver insecurely unlocks screen when moving from one monitor to two
-
http://www.mandriva.com/security/advisories?name=MDVSA-2011:093
mandriva.com
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/56366
GNOME Screensaver monitor setup security bypass CVE-2010-0285 Vulnerability Report
-
http://www.securityfocus.com/bid/38254
gnome-screensaver Monitor Addition Lock Bypass Vulnerability
-
https://bugzilla.gnome.org/show_bug.cgi?id=593616
Bug 593616 – Second screen unlocked when moving from 1 monitor setup to 2 monitor setup
-
http://git.gnome.org/browse/gnome-screensaver/commit/?id=2f597ea9f1f363277fd4dfc109fa41bbc6225aca
Fix adding monitors (2f597ea9) · Commits · Archive / gnome-screensaver · GitLab
-
http://security-tracker.debian.org/tracker/CVE-2010-0285
CVE-2010-0285
Jump to