CVE-2007-3920

GNOME screensaver 2.20 in Ubuntu 7.10, when used with Compiz, does not properly reserve input focus, which allows attackers with physical access to take control of the session after entering an Alt-Tab sequence, a related issue to CVE-2007-3069.

Published: Oct 29, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-3920
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.2
AV:L/AC:H/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
compiz / compiz	-	-
gnome / screensaver	2.20	2.20.x

http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00002.html
http://secunia.com/advisories/27381
http://secunia.com/advisories/28627
http://secunia.com/advisories/30329
http://secunia.com/advisories/30715
http://www.redhat.com/support/errata/RHSA-2008-0485.html
http://www.securityfocus.com/bid/26188
http://www.ubuntu.com/usn/usn-537-1
http://www.ubuntu.com/usn/usn-537-2
https://bugzilla.redhat.com/show_bug.cgi?id=357071
https://bugzilla.redhat.com/show_bug.cgi?id=363061
https://exchange.xforce.ibmcloud.com/vulnerabilities/37410
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10192
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00811.html
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00841.html

Vulnerability Database

289,697

CVE-2007-3920