CVE-2009-1276

medium

Description

XScreenSaver in Sun Solaris 10 and OpenSolaris before snv_109, and Solaris 8 and 9 with GNOME 2.0 or 2.0.2, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, as demonstrated by Thunderbird new-mail notifications.

References

http://www.vupen.com/english/advisories/2009/0978

http://www.securityfocus.com/bid/34421

http://sunsolve.sun.com/search/document.do?assetkey=1-66-255308-1

http://sunsolve.sun.com/search/document.do?assetkey=1-21-120094-22-1

http://securitytracker.com/id?1022009

Details

Source: Mitre, NVD

Published: 2009-04-09

Updated: 2009-08-11

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 4.6

Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: Medium