Gnome Screensaver Vulnerability in Linux Environment
CVE-2006-1335

Currently unrated

Key Information:

Vendor: Gnome
Status: Screensaver
Vendor: CVE Published:; 21 March 2006

Summary

The Gnome Screensaver version prior to 2.14 presents a vulnerability where attackers with physical access can exploit the configuration options AllowDeactivateGrabs and AllowClosedownGrabs on an X server. This flaw allows the screensaver to crash when certain keyboard sequences, specifically Ctl+Alt+Keypad-Multiply, are executed, effectively removing the secure grab from the screensaver. This behavior can lead to unauthorized access to the user's session.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/25340

vdb-entryx_refsource_XF

http://secunia.com/advisories/19280

third-party-advisoryx_refsource_SECUNIA

http://bugzilla.gnome.org/show_bug.cgi?id=326663

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 21, 2006
Vulnerability Reserved
Mar 20, 2006