CVE-2009-4642
EPSS 0.15%
Description
gnome-screensaver 2.26.1 relies on the gnome-session D-Bus interface to determine session idle time, even when an Xfce desktop such as Xubuntu or Mythbuntu is used, which allows physically proximate attackers to access an unattended workstation on which screen locking had been intended.
How to fix CVE-2009-4642
To remediate CVE-2009-4642, upgrade the affected package to a fixed version below.
- Debian/gnome-screensaver—upgrade to 2.26.1-2 or later
Is CVE-2009-4642 being exploited?
Low — EPSS is 0.2%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 2.26.1-2