CVE-2009-1276

LOW

Description

XScreenSaver in Sun Solaris 10 and OpenSolaris before snv_109, and Solaris 8 and 9 with GNOME 2.0 or 2.0.2, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, as demonstrated by Thunderbird new-mail notifications.

References

http://securitytracker.com/id?1022009

http://sunsolve.sun.com/search/document.do?assetkey=1-21-120094-22-1

http://sunsolve.sun.com/search/document.do?assetkey=1-66-255308-1

http://www.securityfocus.com/bid/34421

http://www.vupen.com/english/advisories/2009/0978

Details

Source: MITRE

Published: 2009-04-09

Updated: 2009-08-11

Type: CWE-200

Risk Information

CVSS v2.0

Base Score: 2.1

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 3.9

Severity: LOW