CVE-2009-4642

medium

Description

gnome-screensaver 2.26.1 relies on the gnome-session D-Bus interface to determine session idle time, even when an Xfce desktop such as Xubuntu or Mythbuntu is used, which allows physically proximate attackers to access an unattended workstation on which screen locking had been intended.

References

https://launchpad.net/bugs/493573

https://launchpad.net/bugs/411350

https://bugzilla.gnome.org/show_bug.cgi?id=592093

http://bugzilla.xfce.org/show_bug.cgi?id=5927

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=536381

Details

Source: Mitre, NVD

Published: 2010-02-11

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 4.6

Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: Medium

EPSS

EPSS: 0.00055