Local User Data Exposure in GNOME Screensaver by Red Hat
CVE-2007-6389

Currently unrated

Key Information:

Vendor: Gnome
Status: Screensaver
Vendor: CVE Published:; 17 December 2007

What is CVE-2007-6389?

The notify feature in GNOME Screensaver version 2.20.0 poses a risk where local users can exploit the system to gain access to clipboard contents and X selection data during a locked session by using the ctrl-V shortcut. This could lead to unintentional data exposure, compromising user privacy and security.

References

http://lists.opensuse.org/opensuse-security-announce/2008...

vendor-advisoryx_refsource_SUSE

http://www.securityfocus.com/bid/30096

vdb-entryx_refsource_BID

http://www.mandriva.com/security/advisories?name=MDVSA-20...

vendor-advisoryx_refsource_MANDRIVA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 17, 2007
Vulnerability Reserved
Dec 17, 2007

Gnome

What is CVE-2007-6389?

References

Timeline