Vulnerability in gnome-screensaver Allows Unauthorized Access to Unattended Workstations
CVE-2013-1050

Currently unrated

Key Information:

Vendor: Gnome
Status: Gnome Screensaver
Vendor: CVE Published:; 8 March 2013

Summary

The default configuration in gnome-screensaver versions 3.5.4 to 3.6.0 sets the AutostartCondition parameter in the .desktop file to fallback mode. This misconfiguration prevents gnome-screensaver from launching automatically upon user login, thereby leaving unattended workstations vulnerable to physical access. Attackers in proximity can exploit this issue to bypass screen locking mechanisms, potentially accessing sensitive information without authorization.

References

https://bugs.launchpad.net/ubuntu/+source/gnome-screensav...

x_refsource_MISC

https://bugzilla.gnome.org/show_bug.cgi?id=683060

x_refsource_MISC

https://git.gnome.org/browse/gnome-screensaver/commit/?id...

x_refsource_MISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Mar 8, 2013