fkie_cve-2009-3101
Vulnerability from fkie_nvd
Published
2009-09-08 18:30
Modified
2024-11-21 01:06
Severity ?
Summary
xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 10, and OpenSolaris snv_109 through snv_122, does not properly handle Trusted Extensions, which allows local users to cause a denial of service (CPU consumption and console hang) by locking the screen, related to a regression in certain Solaris and OpenSolaris patches.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sun | opensolaris | snv_109 | |
| sun | opensolaris | snv_110 | |
| sun | opensolaris | snv_111 | |
| sun | opensolaris | snv_112 | |
| sun | opensolaris | snv_113 | |
| sun | opensolaris | snv_114 | |
| sun | opensolaris | snv_115 | |
| sun | opensolaris | snv_116 | |
| sun | opensolaris | snv_117 | |
| sun | opensolaris | snv_118 | |
| sun | opensolaris | snv_119 | |
| sun | opensolaris | snv_120 | |
| sun | opensolaris | snv_121 | |
| sun | opensolaris | snv_122 | |
| sun | solaris | 9 | |
| sun | solaris | 10 | |
| sun | opensolaris | snv_100 | |
| sun | opensolaris | snv_101 | |
| sun | opensolaris | snv_102 | |
| sun | opensolaris | snv_103 | |
| sun | opensolaris | snv_104 | |
| sun | opensolaris | snv_105 | |
| sun | opensolaris | snv_106 | |
| sun | opensolaris | snv_107 | |
| sun | opensolaris | snv_108 | |
| sun | opensolaris | snv_109 | |
| sun | opensolaris | snv_110 | |
| sun | opensolaris | snv_111 | |
| sun | opensolaris | snv_112 | |
| sun | opensolaris | snv_113 | |
| sun | opensolaris | snv_114 | |
| sun | opensolaris | snv_115 | |
| sun | opensolaris | snv_116 | |
| sun | opensolaris | snv_117 | |
| sun | opensolaris | snv_118 | |
| sun | opensolaris | snv_119 | |
| sun | opensolaris | snv_120 | |
| sun | opensolaris | snv_121 | |
| sun | opensolaris | snv_122 | |
| sun | solaris | 9 | |
| sun | solaris | 10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_109:*:sparc:*:*:*:*:*",
"matchCriteriaId": "264D137D-0B78-4F47-AA9F-427D535A1AE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_110:*:sparc:*:*:*:*:*",
"matchCriteriaId": "7D970B1B-44C6-443B-9029-D7182782BD1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_111:*:sparc:*:*:*:*:*",
"matchCriteriaId": "A4CA00AD-837E-4E3E-AE7E-A49CC3AF44A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_112:*:sparc:*:*:*:*:*",
"matchCriteriaId": "698744C6-2A65-478B-A846-099E6C86D0B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_113:*:sparc:*:*:*:*:*",
"matchCriteriaId": "EEF667A1-1AE1-42D4-8DB4-CE414CEA3E8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_114:*:sparc:*:*:*:*:*",
"matchCriteriaId": "EE9DD764-8B9F-4922-BFAD-3FCC56CF9705",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_115:*:sparc:*:*:*:*:*",
"matchCriteriaId": "78B80C92-7EB5-4343-B830-32E8C011E572",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_116:*:sparc:*:*:*:*:*",
"matchCriteriaId": "46E4ED9C-F013-48D2-8642-E5BA7599A512",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_117:*:sparc:*:*:*:*:*",
"matchCriteriaId": "A1E8108D-3CE7-4041-9027-1CA7473389EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_118:*:sparc:*:*:*:*:*",
"matchCriteriaId": "33E95F0E-D3D5-47CB-B503-7B7F92FB3F15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_119:*:sparc:*:*:*:*:*",
"matchCriteriaId": "E8585133-1F25-494A-8859-87B1D93305A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_120:*:sparc:*:*:*:*:*",
"matchCriteriaId": "F61CD721-197F-4BB3-9D59-CB3C16D6B1B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_121:*:sparc:*:*:*:*:*",
"matchCriteriaId": "3D01EACB-9DB4-4940-A1F2-40474B24AEFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_122:*:sparc:*:*:*:*:*",
"matchCriteriaId": "D1BBB436-9F7A-4E2D-908B-D57A531B1B3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:9:*:sparc:*:*:*:*:*",
"matchCriteriaId": "14CFA6D3-A611-4DF0-97AB-C30B79833DFA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:sun:solaris:10:*:sparc:*:*:*:*:*",
"matchCriteriaId": "7FBA68F0-4577-46F5-A754-D365B6EFF872",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_100:*:x86:*:*:*:*:*",
"matchCriteriaId": "1F2CB558-9390-4AAE-A66D-E3DA537E3115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_101:*:x86:*:*:*:*:*",
"matchCriteriaId": "5ED4FAD0-E91F-438D-A3CB-BACFB7F7E975",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_102:*:x86:*:*:*:*:*",
"matchCriteriaId": "411B33D1-F55D-42C0-9046-040ABC42E31B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_103:*:x86:*:*:*:*:*",
"matchCriteriaId": "0491828F-8BB7-4463-AEE7-BFA0C574B6A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_104:*:x86:*:*:*:*:*",
"matchCriteriaId": "CE4D5683-259F-449E-B1C7-2BD81CC4805F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_105:*:x86:*:*:*:*:*",
"matchCriteriaId": "42B7F288-2D35-4988-97B0-C529485033C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_106:*:x86:*:*:*:*:*",
"matchCriteriaId": "F276AFE2-B501-4355-9716-9D1A75AD09CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_107:*:x86:*:*:*:*:*",
"matchCriteriaId": "8ADE7EBB-8014-459F-A189-9D902BEE1FD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_108:*:x86:*:*:*:*:*",
"matchCriteriaId": "FF3DEB74-D65C-427A-8907-6044238E8C03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_109:*:x86:*:*:*:*:*",
"matchCriteriaId": "A7A2D975-A03A-494A-8CFE-2D8932906C14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_110:*:x86:*:*:*:*:*",
"matchCriteriaId": "5B3DB52A-595F-4A50-98D5-DF308471B823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_111:*:x86:*:*:*:*:*",
"matchCriteriaId": "B3BBCE23-9F15-45CD-859F-77ED540B51F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_112:*:x86:*:*:*:*:*",
"matchCriteriaId": "053A0DA6-483C-49BB-BC7A-E624DB2C269E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_113:*:x86:*:*:*:*:*",
"matchCriteriaId": "447212A4-FACD-475E-A62B-60FE6504F63E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_114:*:x86:*:*:*:*:*",
"matchCriteriaId": "AB694DC0-407A-4555-8B72-DAF3C169DCE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_115:*:x86:*:*:*:*:*",
"matchCriteriaId": "535FF689-13A2-40C6-8706-7782038FDBD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_116:*:x86:*:*:*:*:*",
"matchCriteriaId": "843246D3-C2DA-454D-916A-AC8905E5134E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_117:*:x86:*:*:*:*:*",
"matchCriteriaId": "244B7FE4-C485-4993-9810-3433C83A120E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_118:*:x86:*:*:*:*:*",
"matchCriteriaId": "BE586AB9-9D46-4BC2-8092-51482F297410",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_119:*:x86:*:*:*:*:*",
"matchCriteriaId": "3A5C836E-51A5-4B1C-AB03-A4DFDA440BD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_120:*:x86:*:*:*:*:*",
"matchCriteriaId": "A1D4C98B-0D01-461C-93C2-0AF9DA6519A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_121:*:x86:*:*:*:*:*",
"matchCriteriaId": "A0CE1A06-2588-47AA-81F8-E3655F915C33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_122:*:x86:*:*:*:*:*",
"matchCriteriaId": "5972E930-76E2-40FD-8E7F-74E012D34E39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:9:*:x86:*:*:*:*:*",
"matchCriteriaId": "F2F5901D-AB91-4F12-BF08-0BC3797833E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:sun:solaris:10:*:x86:*:*:*:*:*",
"matchCriteriaId": "E79CFAA6-A08A-4C70-A3D9-B02C29A17FF2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 10, and OpenSolaris snv_109 through snv_122, does not properly handle Trusted Extensions, which allows local users to cause a denial of service (CPU consumption and console hang) by locking the screen, related to a regression in certain Solaris and OpenSolaris patches."
},
{
"lang": "es",
"value": "xscreensaver (tambi\u00e9n conocido como Gnome-XScreenSaver) en Sun Solaris v0, y OpenSolaris snv_109 hasta snv_122, no maneja adecuadamente Trusted Extensions, permitiendo a usuarios locales provocar una denegaci\u00f3n de servicio (consumo de CPU y bloqueo de consola) mediante el cierre de pantalla, relacionado con una regresi\u00f3n en ciertos parches para Solaris y OpenSolaris."
}
],
"id": "CVE-2009-3101",
"lastModified": "2024-11-21T01:06:33.060",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-09-08T18:30:00.827",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://bugs.opensolaris.org/view_bug.do?bug_id=6839026"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-266469-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://bugs.opensolaris.org/view_bug.do?bug_id=6839026"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-266469-1"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.