Published: 03/09/2010 Updated: 11/04/2024

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

lxsession-logout in lxsession in LXDE, as used on SUSE openSUSE 11.3 and other platforms, does not lock the screen when the Suspend or Hibernate button is pressed, which might make it easier for physically proximate malicious users to access an unattended laptop via a resume action. NOTE: there is no general agreement that this is a vulnerability, because separate control over locking can be an equally secure, or more secure, behavior in some threat environments.

Vulnerable Product	Search on Vulmon	Subscribe to Product
opensuse opensuse 11.3

Debian Bug report logs - #591409 lxsession: Screen doesn't lock after resume from suspend and hibernation Package: lxsession; Maintainer for lxsession is Debian LXDE Maintainers <pkg-lxde-maintainers@listsaliothdebianorg>; Source for lxsession is src:lxsession (PTS, buildd, popcon) Reported by: Andrew Lee (李健秋) < ...

CWE-264 http://www.openwall.com/lists/oss-security/2010/07/16/4 https://bugzilla.novell.com/show_bug.cgi?id=622083 http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html http://www.openwall.com/lists/oss-security/2010/07/15/1 https://bugzillafiles.novell.org/attachment.cgi?id=375737 https://bugzilla.redhat.com/show_bug.cgi?id=614608 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=591409 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-2532

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect