{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-05-25T00:00:00", "descriptions": [{"lang": "en", "value": "The gesture handling code in Clutter before 1.16.2 allows physically proximate attackers to bypass the lock screen via certain (1) mouse or (2) touch gestures."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2015-08-12T12:57:02", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://git.gnome.org/browse/clutter/commit/?h=clutter-1.18&id=97724939c8de004d7fa230f3ff64862d957f93a9"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1227098"}, {"name": "RHSA-2015:1510", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1510.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=710227"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=749847"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T05:39:31.989Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://git.gnome.org/browse/clutter/commit/?h=clutter-1.18&id=97724939c8de004d7fa230f3ff64862d957f93a9"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1227098"}, {"name": "RHSA-2015:1510", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1510.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=710227"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=749847"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2015-3213", "datePublished": "2015-08-12T14:00:00", "dateReserved": "2015-04-10T00:00:00", "dateUpdated": "2024-08-06T05:39:31.989Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:clutter_project:clutter:*:*:*:*:*:*:*:*", "matchCriteriaId": "11FAFFB3-CCBC-48DD-A116-7215C34FC3F0", "versionEndIncluding": "1.16.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The gesture handling code in Clutter before 1.16.2 allows physically proximate attackers to bypass the lock screen via certain (1) mouse or (2) touch gestures."}, {"lang": "es", "value": "Vulnerabilidad en el c\u00f3digo de manejo de gestos en Clutter en versiones anteriores a 1.16.2, permite a atacantes f\u00edsicamente pr\u00f3ximos eludir la pantalla de bloqueo a trav\u00e9s de ciertos gestos de (1) rat\u00f3n o (2) t\u00e1ctiles."}], "id": "CVE-2015-3213", "lastModified": "2024-11-21T02:28:55.160", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-08-12T14:59:13.197", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1510.html"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.gnome.org/show_bug.cgi?id=710227"}, {"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=749847"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1227098"}, {"source": "secalert@redhat.com", "url": "https://git.gnome.org/browse/clutter/commit/?h=clutter-1.18&id=97724939c8de004d7fa230f3ff64862d957f93a9"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1510.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.gnome.org/show_bug.cgi?id=710227"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=749847"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1227098"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.gnome.org/browse/clutter/commit/?h=clutter-1.18&id=97724939c8de004d7fa230f3ff64862d957f93a9"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2015:1510", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "clutter-0:1.14.4-12.el7_1.1", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2015-07-27T00:00:00Z"}], "bugzilla": {"description": "clutter: screenlock bypass by performing certain mouse gestures", "id": "1227098", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1227098"}, "csaw": false, "cvss": {"cvss_base_score": "4.6", "cvss_scoring_vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "status": "verified"}, "cwe": "CWE-460->CWE-305", "details": ["The gesture handling code in Clutter before 1.16.2 allows physically proximate attackers to bypass the lock screen via certain (1) mouse or (2) touch gestures.", "A flaw was found in the way clutter processed certain mouse and touch gestures. An attacker could use this flaw to bypass the screen lock."], "name": "CVE-2015-3213", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "clutter", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2015-06-02T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2015-3213\nhttps://nvd.nist.gov/vuln/detail/CVE-2015-3213"], "threat_severity": "Moderate"}