7.2

CVE-2015-3213

Exploit
The gesture handling code in Clutter before 1.16.2 allows physically proximate attackers to bypass the lock screen via certain (1) mouse or (2) touch gestures.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Clutter ProjectClutter Version <= 1.16.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.5% 0.387
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

http://rhn.redhat.com/errata/RHSA-2015-1510.html
Vendor Advisory
https://bugzilla.gnome.org/show_bug.cgi?id=710227
https://bugzilla.gnome.org/show_bug.cgi?id=749847
Exploit
https://bugzilla.redhat.com/show_bug.cgi?id=1227098
https://git.gnome.org/browse/clutter/commit/?h=clutter-1.18&id=97724939c8de004d7fa230f3ff64862d957f93a9