CVE-2010-0414 : gnome-screensaver before 2.28.2 allows physically proximate attackers to bypass

gnome-screensaver before 2.28.2 allows physically proximate attackers to bypass screen locking and access an unattended workstation by moving the mouse position to an external monitor and then disconnecting that monitor.

Published 2010-02-11 20:30:01

Updated 2025-04-11 00:51:22

Source Red Hat, Inc.

View at NVD, CVE.org

Products affected by CVE-2010-0414

Gnome » Screensaver
Versions up to, including, (<=) 2.28.1
cpe:2.3:a:gnome:screensaver:*:*:*:*:*:*:*:*
Matching versions
Gnome » Screensaver » Version: 2.20
cpe:2.3:a:gnome:screensaver:2.20:*:*:*:*:*:*:*
Matching versions
Gnome » Screensaver » Version: 2.28.0
cpe:2.3:a:gnome:screensaver:2.28.0:*:*:*:*:*:*:*
Matching versions
Gnome » Screensaver » Version: 2.26.1
cpe:2.3:a:gnome:screensaver:2.26.1:*:*:*:*:*:*:*
Matching versions
Gnome » Screensaver » Version: 2.20.0
cpe:2.3:a:gnome:screensaver:2.20.0:*:*:*:*:*:*:*
Matching versions
Gnome » Screensaver » Version: 2.13
cpe:2.3:a:gnome:screensaver:2.13:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2010-0414

EPSS FAQ

0.05%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 13 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2010-0414

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2010-0414

http://secunia.com/advisories/38468

Sign in
Vendor Advisory
http://secunia.com/advisories/38532

Sign in
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034904.html

[SECURITY] Fedora 12 Update: gnome-screensaver-2.28.2-1.fc12
https://bugzilla.gnome.org/show_bug.cgi?id=609337

Bug 609337 – CVE-2010-0414 gnome-screensaver: loses its unlock dialog and keyboard grab sometimes when unplugging monitor
http://www.mandriva.com/security/advisories?name=MDVSA-2010:040

mandriva.com

CVEs referencing this url
https://bugzilla.redhat.com/show_bug.cgi?id=562217

562217 – (CVE-2010-0414) CVE-2010-0414 gnome-screensaver: loses its unlock dialog and keyboard grab sometimes when unplugging monitor
http://git.gnome.org/browse/gnome-screensaver/commit/?id=a5f66339be6719c2b8fc478a1d5fc6545297d950

Ensure keyboard grab and unlock dialog exist after monitor removal (a5f66339) · Commits · Archive / gnome-screensaver · GitLab
http://www.securityfocus.com/bid/38149

gnome-screensaver Monitor Removal Lock Bypass Vulnerability
http://git.gnome.org/browse/gnome-screensaver/commit/?id=dcca89b7ab6e1220815af38da246434b2e13fd9f

Ensure keyboard grab and unlock dialog exist after monitor removal (dcca89b7) · Commits · Archive / gnome-screensaver · GitLab
http://www.ubuntu.com/usn/USN-898-1

USN-898-1: gnome-screensaver vulnerability | Ubuntu security notices
http://www.osvdb.org/62219

404 Not Found
http://ftp.gnome.org/pub/GNOME/sources/gnome-screensaver/2.28/gnome-screensaver-2.28.2.news
http://secunia.com/advisories/38534

Sign in
Vendor Advisory

Jump to

Vulnerability Details : CVE-2010-0414

Products affected by CVE-2010-0414

Exploit prediction scoring system (EPSS) score for CVE-2010-0414

CVSS scores for CVE-2010-0414

References for CVE-2010-0414