CVE-2014-1949
Severity CVSS v4.0:
Pending analysis
Type:
CWE-284
Improper Access Control
Publication date:
16/01/2015
Last modified:
12/04/2025
Description
GTK+ 3.10.9 and earlier, as used in cinnamon-screensaver, gnome-screensaver, and other applications, allows physically proximate attackers to bypass the lock screen by pressing the menu button.
Impact
Base Score 2.0
7.20
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linuxmint:linux_mint:17.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:gnome:gtk:*:*:*:*:*:*:*:* | 3.10.9 (including) | |
| cpe:2.3:o:canonical:ubuntu:14.04:*:*:*:lts:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://advisories.mageia.org/MGASA-2014-0374.html
- http://seclists.org/oss-sec/2014/q1/327
- http://seclists.org/oss-sec/2014/q1/331
- http://www.mandriva.com/security/advisories?name=MDVSA-2015%3A162
- http://www.ubuntu.com/usn/USN-2475-1
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759145
- https://bugzilla.redhat.com/show_bug.cgi?id=1064695
- https://github.com/linuxmint/cinnamon-screensaver/issues/44
- http://advisories.mageia.org/MGASA-2014-0374.html
- http://seclists.org/oss-sec/2014/q1/327
- http://seclists.org/oss-sec/2014/q1/331
- http://www.mandriva.com/security/advisories?name=MDVSA-2015%3A162
- http://www.ubuntu.com/usn/USN-2475-1
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759145
- https://bugzilla.redhat.com/show_bug.cgi?id=1064695
- https://github.com/linuxmint/cinnamon-screensaver/issues/44