CVE-2013-1050

{"id": "CVE-2013-1050", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-03-08T22:55:01.147", "references": [{"url": "http://www.ubuntu.com/usn/USN-1716-1", "source": "security@ubuntu.com"}, {"url": "https://bugs.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/1120126", "tags": ["Vendor Advisory"], "source": "security@ubuntu.com"}, {"url": "https://bugzilla.gnome.org/show_bug.cgi?id=683060", "source": "security@ubuntu.com"}, {"url": "https://git.gnome.org/browse/gnome-screensaver/commit/?id=1940dc6bc8ad5ee2c029714efb1276c05ca80bd4", "source": "security@ubuntu.com"}, {"url": "http://www.ubuntu.com/usn/USN-1716-1", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bugs.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/1120126", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bugzilla.gnome.org/show_bug.cgi?id=683060", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.gnome.org/browse/gnome-screensaver/commit/?id=1940dc6bc8ad5ee2c029714efb1276c05ca80bd4", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "The default configuration in gnome-screensaver 3.5.4 through 3.6.0 sets the AutostartCondition line to fallback mode in the .desktop file, which prevents the program from starting automatically after login and allows physically proximate attackers to bypass screen locking and access an unattended workstation."}, {"lang": "es", "value": "La configuraci\u00f3n por defecto en gnome-screensaver v3.5.4 hasta v3.6.0 fija la opci\u00f3n AutostartCondition a modo de retorno en el archivo .Desktop, lo que impide que el programa se inicie autom\u00e1ticamente despu\u00e9s de un inicio de sesi\u00f3n y permite a los atacantes f\u00edsicamente pr\u00f3ximos saltarse el bloqueo de pantalla y acceder a una estaci\u00f3n de trabajo sin vigilancia."}], "lastModified": "2024-11-21T01:48:49.093", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gnome:gnome_screensaver:3.5.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "48224CBC-49B5-49CE-8665-3FFC2359778C"}, {"criteria": "cpe:2.3:a:gnome:gnome_screensaver:3.5.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "688B61C0-4213-43DE-862C-55A057118173"}, {"criteria": "cpe:2.3:a:gnome:gnome_screensaver:3.6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9EA343E-C571-4253-97FC-2E2B17537BD4"}], "operator": "OR"}]}], "sourceIdentifier": "security@ubuntu.com"}