CVE-2015-3213

Severity CVSS v4.0:

Pending analysis

Type:

CWE-284 Improper Access Control

Publication date:

12/08/2015

Last modified:

12/04/2025

Description

The gesture handling code in Clutter before 1.16.2 allows physically proximate attackers to bypass the lock screen via certain (1) mouse or (2) touch gestures.

Impact

Vector 2.0

AV:L/AC:L/Au:N/C:C/I:C/A:C CVSS v2.0 Severity and Metrics:

Base Score: 7.20 HIGH
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Attack Vector (AV): Local
Attack Complexity (AC): Low
Authentication (Au): None
Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete

Base Score 2.0

7.20

Severity 2.0

HIGH

Vulnerable products and versions

CPE	From	Up to
cpe:2.3:a:clutter_project:clutter::::::::		1.16.0 (including)

To consult the complete list of CPE names with products and versions, see this page

References to Advisories, Solutions, and Tools

http://rhn.redhat.com/errata/RHSA-2015-1510.html
https://bugzilla.gnome.org/show_bug.cgi?id=710227
https://bugzilla.gnome.org/show_bug.cgi?id=749847
https://bugzilla.redhat.com/show_bug.cgi?id=1227098
https://git.gnome.org/browse/clutter/commit/?h=clutter-1.18&id=97724939c8de004d7fa230f3ff64862d957f93a9
http://rhn.redhat.com/errata/RHSA-2015-1510.html
https://bugzilla.gnome.org/show_bug.cgi?id=710227
https://bugzilla.gnome.org/show_bug.cgi?id=749847
https://bugzilla.redhat.com/show_bug.cgi?id=1227098
https://git.gnome.org/browse/clutter/commit/?h=clutter-1.18&id=97724939c8de004d7fa230f3ff64862d957f93a9