Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-1949

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2014-1949
Last Modified 13 Oct 2015 12:38:00
Published 16 Jan 2015 11:59:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2014-1949

Summary

GTK+ 3.10.9 and earlier, as used in cinnamon-screensaver, gnome-screensaver, and other applications, allows physically proximate attackers to bypass the lock screen by pressing the menu button.

Vulnerable Systems

Operating System

  • Canonical Ubuntu 14.04

  • Linuxmint Linux Mint 17.0

Application

  • Gtk%2b 3.10.9


References

CONFIRM - https://github.com/linuxmint/cinnamon-screensaver/issues/44

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=1064695

CONFIRM - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759145

UBUNTU - USN-2475-1

MLIST - [oss-security] 20140212 Re: cinnamon-screensaver lock bypass (tested on Fedora 20)

MLIST - [oss-security] 20140212 cinnamon-screensaver lock bypass (tested on Fedora 20)

MANDRIVA - MDVSA-2015:162

CONFIRM - http://advisories.mageia.org/MGASA-2014-0374.html


Last Updated: 27 May 2016 11:08:38