CVE-2012-1620

Exploit

EPSS 0.1%
Veröffentlicht 12.07.2012 19:55:05
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

slock 0.9 does not properly handle the XRaiseWindow event when the screen is locked, which might allow physically proximate attackers to obtain sensitive information by pressing a button, which reveals the desktop and active windows.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 12

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Suckless ≫ Slock Version0.9

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.1%	0.243

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	3.6	3.9	4.9	AV:L/AC:L/Au:N/C:P/I:P/A:N

http://hg.suckless.org/slock/rev/891a4984aba6

Patch

Exploit

http://secunia.com/advisories/48700

Vendor Advisory

http://www.openwall.com/lists/oss-security/2012/04/06/1

Exploit

http://www.openwall.com/lists/oss-security/2012/04/06/2

http://www.osvdb.org/81035

http://www.securityfocus.com/bid/52922

https://bugs.gentoo.org/show_bug.cgi?id=401645

Exploit

https://bugzilla.redhat.com/show_bug.cgi?id=786310

https://exchange.xforce.ibmcloud.com/vulnerabilities/74666

https://nvd.nist.gov/vuln/detail/CVE-2012-1620

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-1620

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-1620

EUVD