{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "The default configuration in gnome-screensaver 3.5.4 through 3.6.0 sets the AutostartCondition line to fallback mode in the .desktop file, which prevents the program from starting automatically after login and allows physically proximate attackers to bypass screen locking and access an unattended workstation."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2013-03-08T22:00:00Z", "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugs.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/1120126"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=683060"}, {"tags": ["x_refsource_MISC"], "url": "https://git.gnome.org/browse/gnome-screensaver/commit/?id=1940dc6bc8ad5ee2c029714efb1276c05ca80bd4"}, {"name": "USN-1716-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-1716-1"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@ubuntu.com", "ID": "CVE-2013-1050", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The default configuration in gnome-screensaver 3.5.4 through 3.6.0 sets the AutostartCondition line to fallback mode in the .desktop file, which prevents the program from starting automatically after login and allows physically proximate attackers to bypass screen locking and access an unattended workstation."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://bugs.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/1120126", "refsource": "MISC", "url": "https://bugs.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/1120126"}, {"name": "https://bugzilla.gnome.org/show_bug.cgi?id=683060", "refsource": "MISC", "url": "https://bugzilla.gnome.org/show_bug.cgi?id=683060"}, {"name": "https://git.gnome.org/browse/gnome-screensaver/commit/?id=1940dc6bc8ad5ee2c029714efb1276c05ca80bd4", "refsource": "MISC", "url": "https://git.gnome.org/browse/gnome-screensaver/commit/?id=1940dc6bc8ad5ee2c029714efb1276c05ca80bd4"}, {"name": "USN-1716-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1716-1"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T14:49:20.501Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugs.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/1120126"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=683060"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://git.gnome.org/browse/gnome-screensaver/commit/?id=1940dc6bc8ad5ee2c029714efb1276c05ca80bd4"}, {"name": "USN-1716-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-1716-1"}]}]}, "cveMetadata": {"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "assignerShortName": "canonical", "cveId": "CVE-2013-1050", "datePublished": "2013-03-08T22:00:00Z", "dateReserved": "2013-01-11T00:00:00Z", "dateUpdated": "2024-09-16T19:25:32.045Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnome:gnome_screensaver:3.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "48224CBC-49B5-49CE-8665-3FFC2359778C", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:gnome_screensaver:3.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "688B61C0-4213-43DE-862C-55A057118173", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:gnome_screensaver:3.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E9EA343E-C571-4253-97FC-2E2B17537BD4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The default configuration in gnome-screensaver 3.5.4 through 3.6.0 sets the AutostartCondition line to fallback mode in the .desktop file, which prevents the program from starting automatically after login and allows physically proximate attackers to bypass screen locking and access an unattended workstation."}, {"lang": "es", "value": "La configuraci\u00f3n por defecto en gnome-screensaver v3.5.4 hasta v3.6.0 fija la opci\u00f3n AutostartCondition a modo de retorno en el archivo .Desktop, lo que impide que el programa se inicie autom\u00e1ticamente despu\u00e9s de un inicio de sesi\u00f3n y permite a los atacantes f\u00edsicamente pr\u00f3ximos saltarse el bloqueo de pantalla y acceder a una estaci\u00f3n de trabajo sin vigilancia."}], "id": "CVE-2013-1050", "lastModified": "2013-03-18T04:00:00.000", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-03-08T22:55:01.147", "references": [{"source": "security@ubuntu.com", "url": "http://www.ubuntu.com/usn/USN-1716-1"}, {"source": "security@ubuntu.com", "tags": ["Vendor Advisory"], "url": "https://bugs.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/1120126"}, {"source": "security@ubuntu.com", "url": "https://bugzilla.gnome.org/show_bug.cgi?id=683060"}, {"source": "security@ubuntu.com", "url": "https://git.gnome.org/browse/gnome-screensaver/commit/?id=1940dc6bc8ad5ee2c029714efb1276c05ca80bd4"}], "sourceIdentifier": "security@ubuntu.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "gnome-screensaver: fails to start automatically", "id": "919612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=919612"}, "csaw": false, "cvss": {"cvss_base_score": "3.6", "cvss_scoring_vector": "AV:L/AC:L/Au:N/C:P/I:P/A:N", "status": "draft"}, "details": ["The default configuration in gnome-screensaver 3.5.4 through 3.6.0 sets the AutostartCondition line to fallback mode in the .desktop file, which prevents the program from starting automatically after login and allows physically proximate attackers to bypass screen locking and access an unattended workstation."], "name": "CVE-2013-1050", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "gnome-screensaver", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "gnome-screensaver", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2012-08-30T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2013-1050\nhttps://nvd.nist.gov/vuln/detail/CVE-2013-1050"], "statement": "Not vulnerable. This issue did not affect the versions of gnome-screensaver as shipped with Red Hat Enterprise Linux 5 and 6.", "threat_severity": "Low"}