PT-2009-6076 · Sun · Sun Solaris 10+1

Published

2009-11-03

Updated

2017-09-19

CVE-2009-3851

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Sun Solaris 10

Description The issue affects the operation of the xscreensaver-demo command for the XScreenSaver application due to interference from Trusted Extensions. This interference makes it easier for physically proximate attackers to access an unattended workstation when the intended screen locking did not occur. The problem is related to the restart daemon.

Recommendations For Sun Solaris 10, consider disabling the Trusted Extensions to prevent interference with the xscreensaver-demo command until a proper fix is available. Restrict access to unattended workstations to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2009-3851

Affected Products

Sun Solaris 10

Xscreensaver

PT-2009-6076 · Sun · Sun Solaris 10+1

CVE-2009-3851

Related Identifiers

Affected Products

References · 4