CVE-2009-4641

NameCVE-2009-4641
Descriptiongnome-screensaver 2.28.0 does not resume adherence to its activation settings after an inhibiting application becomes unavailable on the session bus, which allows physically proximate attackers to access an unattended workstation on which screen locking had been intended.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severityhigh
Debian Bugs569667

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
gnome-screensaver (PTS)stretch3.6.1-7fixed
buster3.6.1-10fixed
bullseye, sid3.6.1-13fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
gnome-screensaversource(unstable)2.28.0-2low569667
gnome-screensaversourceetch(not affected)
gnome-screensaversourcelenny(not affected)

Notes

[etch] - gnome-screensaver <not-affected> (Vulnerable code not present)
[lenny] - gnome-screensaver <not-affected> (Vulnerable code not present)

Search for package or bug name: Reporting problems