CVE-2011-2187
CVSS 3.1: 7.8 (HIGH) | EPSS: 0.10%
Description
xscreensaver before 5.14 crashes during activation and leaves the screen unlocked when in Blank Only Mode and when DPMS is disabled, which allows local attackers to access resources without authentication.
How to fix CVE-2011-2187
To remediate CVE-2011-2187, upgrade the affected package to a fixed version below.
- Debian/xscreensaver: upgrade to 5.14-1 or later
Is CVE-2011-2187 being exploited?
Low. The EPSS score is 0.1% (EPSS is a modeled probability of exploitation in the next 30 days), and exploitation activity has not been observed at scale.
Affected packages (1)
- Debian/xscreensaver: from 0, < 5.14-1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH 7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |