Required CVE Record Information
Description
slock 0.9 does not properly handle the XRaiseWindow event when the screen is locked, which might allow physically proximate attackers to obtain sensitive information by pressing a button, which reveals the desktop and active windows.
References 9 Total
- https://bugs.gentoo.org/show_bug.cgi?id=401645
- openwall.com: [oss-security] 20120405 Re: CVE Request: slock-0.9 displays modal box after locking mailing-list
- openwall.com: [oss-security] 20120405 CVE Request: slock-0.9 displays modal box after locking mailing-list
- secunia.com: 48700 third-party-advisory
- exchange.xforce.ibmcloud.com: slock-xraisewindow-sec-bypass(74666) vdb-entry
- osvdb.org: 81035 vdb-entry
- securityfocus.com: 52922 vdb-entry
- http://hg.suckless.org/slock/rev/891a4984aba6
- https://bugzilla.redhat.com/show_bug.cgi?id=786310
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 9 Total
- https://bugs.gentoo.org/show_bug.cgi?id=401645 x_transferred
- openwall.com: [oss-security] 20120405 Re: CVE Request: slock-0.9 displays modal box after locking mailing-listx_transferred
- openwall.com: [oss-security] 20120405 CVE Request: slock-0.9 displays modal box after locking mailing-listx_transferred
- secunia.com: 48700 third-party-advisoryx_transferred
- exchange.xforce.ibmcloud.com: slock-xraisewindow-sec-bypass(74666) vdb-entryx_transferred
- osvdb.org: 81035 vdb-entryx_transferred
- securityfocus.com: 52922 vdb-entryx_transferred
- http://hg.suckless.org/slock/rev/891a4984aba6 x_transferred
- https://bugzilla.redhat.com/show_bug.cgi?id=786310 x_transferred