CVE-2009-3100

NameCVE-2009-3100
Descriptionxscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 9 and 10, OpenSolaris snv_109 through snv_122, and X11 6.4.1 on Solaris 8 does not properly handle Accessibility support, which allows local users to cause a denial of service (system hang) by locking the screen and then attempting to launch an Accessibility pop-up window, related to a regression in certain Solaris and OpenSolaris patches.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
xscreensaver (PTS)jessie, jessie (lts)5.30-1+deb8u2fixed
stretch5.36-1fixed
buster5.42+dfsg1-1fixed
bullseye5.45+dfsg1-2fixed
bookworm6.06+dfsg1-3+deb12u1fixed
sid, trixie6.08+dfsg1-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
xscreensaversource(unstable)(not affected)

Notes

- xscreensaver <not-affected> (OpenSolaris-specific, patch 120094-22 causes this)

Search for package or bug name: Reporting problems