CVE-2015-3213 - Vulnerability Details - OpenCVE

The gesture handling code in Clutter before 1.16.2 allows physically proximate attackers to bypass the lock screen via certain (1) mouse or (2) touch gestures.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.00079.

Key SSVC decision points have not yet been added.

Vendors	Products
Clutter Project	Clutter
Redhat	Enterprise Linux

Configuration 1 [-]

cpe:2.3:a:clutter_project:clutter:*:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 7
clutter-0:1.14.4-12.ael7b_1.1	cpe:/o:redhat:enterprise_linux:7	RHSA-2015:1510	2015-07-27T00:00:00Z

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2015-3276	The gesture handling code in Clutter before 1.16.2 allows physically proximate attackers to bypass the lock screen via certain (1) mouse or (2) touch gestures.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://rhn.redhat.com/errata/RHSA-2015-1510.html
https://bugzilla.gnome.org/show_bug.cgi?id=710227
https://bugzilla.gnome.org/show_bug.cgi?id=749847
https://bugzilla.redhat.com/show_bug.cgi?id=1227098
https://git.gnome.org/browse/clutter/commit/?h=clutter-1.18&id=97724939c8de004d7fa230f3ff64862d957f93a9
https://nvd.nist.gov/vuln/detail/CVE-2015-3213
https://www.cve.org/CVERecord?id=CVE-2015-3213

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2015-08-12T14:00:00

Updated: 2024-08-06T05:39:31.989Z

Reserved: 2015-04-10T00:00:00

Link: CVE-2015-3213

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2015-08-12T14:59:13.197

Modified: 2025-04-12T10:46:40.837

Link: CVE-2015-3213

Redhat

Severity : Moderate

Publid Date: 2015-06-02T00:00:00Z

Links: CVE-2015-3213 - Bugzilla

OpenCVE Enrichment

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-05-25T00:00:00", "descriptions": [{"lang": "en", "value": "The gesture handling code in Clutter before 1.16.2 allows physically proximate attackers to bypass the lock screen via certain (1) mouse or (2) touch gestures."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2015-08-12T12:57:02", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://git.gnome.org/browse/clutter/commit/?h=clutter-1.18&id=97724939c8de004d7fa230f3ff64862d957f93a9"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1227098"}, {"name": "RHSA-2015:1510", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1510.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=710227"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=749847"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T05:39:31.989Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://git.gnome.org/browse/clutter/commit/?h=clutter-1.18&id=97724939c8de004d7fa230f3ff64862d957f93a9"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1227098"}, {"name": "RHSA-2015:1510", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1510.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=710227"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=749847"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2015-3213", "datePublished": "2015-08-12T14:00:00", "dateReserved": "2015-04-10T00:00:00", "dateUpdated": "2024-08-06T05:39:31.989Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:clutter_project:clutter:*:*:*:*:*:*:*:*", "matchCriteriaId": "11FAFFB3-CCBC-48DD-A116-7215C34FC3F0", "versionEndIncluding": "1.16.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The gesture handling code in Clutter before 1.16.2 allows physically proximate attackers to bypass the lock screen via certain (1) mouse or (2) touch gestures."}, {"lang": "es", "value": "Vulnerabilidad en el c\u00f3digo de manejo de gestos en Clutter en versiones anteriores a 1.16.2, permite a atacantes f\u00edsicamente pr\u00f3ximos eludir la pantalla de bloqueo a trav\u00e9s de ciertos gestos de (1) rat\u00f3n o (2) t\u00e1ctiles."}], "id": "CVE-2015-3213", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-08-12T14:59:13.197", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1510.html"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.gnome.org/show_bug.cgi?id=710227"}, {"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=749847"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1227098"}, {"source": "secalert@redhat.com", "url": "https://git.gnome.org/browse/clutter/commit/?h=clutter-1.18&id=97724939c8de004d7fa230f3ff64862d957f93a9"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1510.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.gnome.org/show_bug.cgi?id=710227"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=749847"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1227098"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.gnome.org/browse/clutter/commit/?h=clutter-1.18&id=97724939c8de004d7fa230f3ff64862d957f93a9"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "nvd@nist.gov", "type": "Primary"}]}