TROYANOSYVIRUS
Voltar para CVEs

CVE-2012-0064

N/A

Descricao

xkeyboard-config before 2.5 in X.Org before 7.6 enables certain XKB debugging functions by default, which allows physically proximate attackers to bypass an X screen lock via keyboard combinations that break the input grab.

Detalhes CVE

Pontuacao CVSS v3.1N/A
Publicado2/10/2014
Ultima modificacao4/29/2026
Fontenvd
Avistamentos honeypot0

Produtos afetados

x:x.org_x11xkeyboard_config_project:xkeyboard-config

Fraquezas (CWE)

CWE-264

Referencias

http://gu1.aeroxteam.fr/2012/01/19/bypass-screensaver-locker-program-xorg-111-and-up/(secalert@redhat.com)
http://lists.x.org/archives/xorg-announce/2012-January/001797.html(secalert@redhat.com)
http://lists.x.org/archives/xorg-devel/2012-January/028691.html(secalert@redhat.com)
http://securitytracker.com/id?1026549(secalert@redhat.com)
http://who-t.blogspot.com/2012/01/xkb-breaking-grabs-cve-2012-0064.html(secalert@redhat.com)
http://www.openwall.com/lists/oss-security/2012/01/19/6(secalert@redhat.com)
http://www.osvdb.org/78445(secalert@redhat.com)
http://www.x.org/wiki/Development/Security/(secalert@redhat.com)
https://bugzilla.redhat.com/show_bug.cgi?id=783039(secalert@redhat.com)
http://gu1.aeroxteam.fr/2012/01/19/bypass-screensaver-locker-program-xorg-111-and-up/(af854a3a-2127-422b-91ae-364da2661108)
http://lists.x.org/archives/xorg-announce/2012-January/001797.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.x.org/archives/xorg-devel/2012-January/028691.html(af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1026549(af854a3a-2127-422b-91ae-364da2661108)
http://who-t.blogspot.com/2012/01/xkb-breaking-grabs-cve-2012-0064.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2012/01/19/6(af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/78445(af854a3a-2127-422b-91ae-364da2661108)
http://www.x.org/wiki/Development/Security/(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=783039(af854a3a-2127-422b-91ae-364da2661108)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.