oss-sec mailing list archives
Re: CVE Request -- xscreensaver -- exits when activated
From: Josh Bressers <bressers () redhat com>
Date: Mon, 6 Jun 2011 13:51:29 -0400 (EDT)
----- Original Message -----
Hello, Josh, Steve, vendors, it was found that xscreensaver terminated, when it was activated upon launch. A local proximate attacker could use this deficiency to access resources, which should be otherwise protected by authentication. References: [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=627382 [2] https://bugzilla.redhat.com/show_bug.cgi?id=703483
Please use CVE-2011-2187. This deserves an ID as the error probably won't happen until a few minutes afer a user leaves the keyboard. Thanks. -- JB
Current thread:
- CVE Request -- xscreensaver -- exits when activated Jan Lieskovsky (Jun 03)
- Re: CVE Request -- xscreensaver -- exits when activated Josh Bressers (Jun 06)