CVE-2010-0732
EPSS 0.04%
Description
gdk/gdkwindow.c in GTK+ before 2.18.5, as used in gnome-screensaver before 2.28.1, performs implicit paints on windows of type GDK_WINDOW_FOREIGN, which triggers an X error in certain circumstances and consequently allows physically proximate attackers to bypass screen locking and access an unattended workstation by pressing the Enter key many times.
How to fix CVE-2010-0732
To remediate CVE-2010-0732, upgrade the affected package to a fixed version below.
- Debian/gtk+2.0—upgrade to 2.18.5-1 or later
Is CVE-2010-0732 being exploited?
Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 2.18.5-1