Screen Lock Bypass in gnome-screensaver by GNOME
CVE-2012-3452

Currently unrated

Key Information:

Vendor: Gnome
Status: Screensaver
Vendor: CVE Published:; 7 August 2012

What is CVE-2012-3452?

The vulnerability in gnome-screensaver affects versions 3.4.x prior to 3.4.4 and 3.5.x prior to 3.5.4. When using multiple screens, the application only locks the screen that currently has active focus, allowing physically nearby attackers to bypass the screen lock. This oversight can lead to unauthorized access to user data on unattended workstations, potentially compromising sensitive information.

References

http://www.openwall.com/lists/oss-security/2012/08/03/3

mailing-listx_refsource_MLIST

https://bugzilla.gnome.org/show_bug.cgi?id=679441

x_refsource_CONFIRM

http://www.openwall.com/lists/oss-security/2012/08/03/5

mailing-listx_refsource_MLIST

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 7, 2012
Vulnerability Reserved
Jun 14, 2012

Gnome

What is CVE-2012-3452?

References

Timeline