HIGH🇬🇧 English

CVE-2009-4996

CVSS 7.2v2.0pub. 2010-09-07upd. 2026-04-29

Xfce4-session 4.5.91 in Xfce does not lock the screen when the suspend or hibernate button is pressed, which might make it easier for physically proximate attackers to access an unattended laptop via a resume action, a related issue to CVE-2010-2532. NOTE: there is no general agreement that this is a vulnerability, because separate control over locking can be an equally secure, or more secure, behavior in some threat environments

oryginał EN
CVSS Vector
AV:L/AC:L/Au:N/C:C/I:C/A:C
  • Xfce

    APP
    Xfce
    4.6
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2007-6532HIGH10.0ten sam produkt

Double free vulnerability in the Widget Library (libxfcegui4) in Xfce before 4.4.2 might allow remote attacker...

CVE-2018-18398MEDIUM4.7ten sam produkt

Xfce Thunar 1.6.15, when Xfce 4.12 is used, mishandles the IBus-Unikey input method for file searches within F...

CVE-2007-6531MEDIUM5.0ten sam produkt

Stack-based buffer overflow in the Panel (xfce4-panel) component in Xfce before 4.4.2 might allow remote attac...

CVE-2022-45062CRITICAL9.8ten sam vendor

In Xfce xfce4-settings before 4.16.4 and 4.17.x before 4.17.1, there is an argument injection vulnerability in...

CVE-2021-32563CRITICAL9.8ten sam vendor

An issue was discovered in Thunar before 4.16.7 and 4.17.x before 4.17.2. When called with a regular file as a...