gdk/gdkwindow.c in GTK+ prior to 2.18.5, as used in gnome-screensaver prior to 2.28.1, performs implicit paints on windows of type GDK_WINDOW_FOREIGN, which triggers an X error in certain circumstances and consequently allows physically proximate malicious users to bypass screen locking and access an unattended workstation by pressing the Enter key many times.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnome gtk |
||
gnome screensaver |