3.6

CVE-2012-1620

Exploit
slock 0.9 does not properly handle the XRaiseWindow event when the screen is locked, which might allow physically proximate attackers to obtain sensitive information by pressing a button, which reveals the desktop and active windows.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SucklessSlock Version0.9
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.51% 0.393
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 3.6 3.9 4.9
AV:L/AC:L/Au:N/C:P/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://hg.suckless.org/slock/rev/891a4984aba6
Patch
Exploit
http://secunia.com/advisories/48700
Vendor Advisory
http://www.openwall.com/lists/oss-security/2012/04/06/1
Exploit
http://www.openwall.com/lists/oss-security/2012/04/06/2
http://www.osvdb.org/81035
http://www.securityfocus.com/bid/52922
https://bugs.gentoo.org/show_bug.cgi?id=401645
Exploit
https://bugzilla.redhat.com/show_bug.cgi?id=786310
https://exchange.xforce.ibmcloud.com/vulnerabilities/74666