xlockmore
by xlockmore
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2000-0763 | 0.03 | — | 0.01 | Oct 20, 2000 | xlockmore and xlockf do not properly cleanse user-injected format strings, which allows local users to gain root privileges via the -d option. | |||
| CVE-2012-4524 | 0.00 | — | 0.03 | Nov 21, 2019 | xlockmore before 5.43 'dclock' security bypass vulnerability | |||
| CVE-2006-0062 | 0.00 | — | 0.01 | Nov 6, 2019 | xlockmore 5.13 allows potential xlock bypass when FVWM switches to the same virtual desktop as a new Gaim window. | |||
| CVE-2006-0061 | 0.00 | — | 0.02 | Nov 6, 2019 | xlockmore 5.13 and 5.22 segfaults when using libpam-opensc and returns the underlying xsession. This allows unauthorized users access to the X session. | |||
| CVE-2013-4143 | 0.00 | — | 0.00 | May 30, 2014 | The (1) checkPasswd and (2) checkGroupXlockPasswds functions in xlockmore before 5.43 do not properly handle when a NULL value is returned upon an error by the crypt or dispcrypt function as implemented in glibc 2.17 and later, which allows attackers to bypass the screen lock… |
- CVE-2000-0763Oct 20, 2000risk 0.03cvss —epss 0.01
xlockmore and xlockf do not properly cleanse user-injected format strings, which allows local users to gain root privileges via the -d option.
- CVE-2012-4524Nov 21, 2019risk 0.00cvss —epss 0.03
xlockmore before 5.43 'dclock' security bypass vulnerability
- CVE-2006-0062Nov 6, 2019risk 0.00cvss —epss 0.01
xlockmore 5.13 allows potential xlock bypass when FVWM switches to the same virtual desktop as a new Gaim window.
- CVE-2006-0061Nov 6, 2019risk 0.00cvss —epss 0.02
xlockmore 5.13 and 5.22 segfaults when using libpam-opensc and returns the underlying xsession. This allows unauthorized users access to the X session.
- CVE-2013-4143May 30, 2014risk 0.00cvss —epss 0.00
The (1) checkPasswd and (2) checkGroupXlockPasswds functions in xlockmore before 5.43 do not properly handle when a NULL value is returned upon an error by the crypt or dispcrypt function as implemented in glibc 2.17 and later, which allows attackers to bypass the screen lock…