Vulnerability Details : CVE-2012-4524
xlockmore before 5.43 'dclock' security bypass vulnerability
Vulnerability category: Input validation
Products affected by CVE-2012-4524
- cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:16:*:*:*:*:*:*:*
- cpe:2.3:a:sillycycle:xlockmore:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2012-4524
0.51%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 73 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2012-4524
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N |
10.0
|
2.9
|
NIST | |
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2012-4524
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-4524
-
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091108.html
[SECURITY] Fedora 17 Update: xlockmore-5.40-3.fc17Third Party Advisory
-
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091150.html
[SECURITY] Fedora 16 Update: xlockmore-5.40-3.fc16Third Party Advisory
-
http://www.openwall.com/lists/oss-security/2012/10/17/12
oss-security - Re: CVE id request: xlockmore vulnerability: local accessMailing List;Patch;Third Party Advisory
-
http://security.gentoo.org/glsa/glsa-201309-03.xml
Xlockmore: Denial of Service (GLSA 201309-03) — Gentoo securityThird Party Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4524
867908 – (CVE-2012-4524) CVE-2012-4524 xlockmore: Screensaver crash (screen lock bypass) when 'dclock' mode usedIssue Tracking;Third Party Advisory
-
https://access.redhat.com/security/cve/cve-2012-4524
Red Hat Customer PortalBroken Link
-
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091709.html
[SECURITY] Fedora 18 Update: xlockmore-5.40-3.fc18Third Party Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/79558
xlockmore security bypass CVE-2012-4524 Vulnerability ReportThird Party Advisory;VDB Entry
-
http://www.securityfocus.com/bid/56169
xlockmore 'dclock' Mode Security Bypass VulnerabilityThird Party Advisory;VDB Entry
-
https://security-tracker.debian.org/tracker/CVE-2012-4524
CVE-2012-4524Third Party Advisory
Jump to