MDVSA-2010:109 -- Mandriva gtk+2.0ID: oval:org.secpod.oval:def:300383 | Date: (C)2012-01-07 (M)2023-08-10 |
Class: PATCH | Family: unix |
A vulnerability was discovered and fixed in gtk+2.0: gdk/gdkwindow.c in GTK+ before 2.18.5, as used in gnome-screensaver before 2.28.1, performs implicit paints on windows of type GDK_WINDOW_FOREIGN, which triggers an X error in certain circumstances and consequently allows physically proximate attackers to bypass screen locking and access an unattended workstation by pressing the Enter key many times . Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program
Platform: |
Mandriva Linux 2009.0 |
Mandriva Linux 2009.1 |
Mandriva Linux 2008.0 |