FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

gnome-screensaver -- Multiple monitor hotplug issues

Affected packages
gnome-screensaver < 2.28.3

Details

VuXML ID 0a82ac0c-1886-11df-b0d1-0015f2db7bde
Discovery 2010-02-08
Entry 2010-02-13

Ray Strode reports:

Under certain circumstances it is possible to circumvent the security of screen locking functionality of gnome-screensaver by changing the systems physical monitor configuration.

gnome-screensaver can lose its keyboard grab when locked, exposing the system to intrusion by adding and removing monitors.

References

CVE Name CVE-2010-0414
CVE Name CVE-2010-0422
URL https://bugzilla.gnome.org/show_bug.cgi?id=609337
URL https://bugzilla.gnome.org/show_bug.cgi?id=609789