FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

xlockmore -- local exploit

Affected packages
ja-xlockmore < 5.40_1
xlockmore < 5.40_1

Details

VuXML ID 57652765-18aa-11e2-8382-00a0d181e71d
Discovery 2012-10-17
Entry 2012-10-17

Ignatios Souvatzis of NetBSD reports:

Due to an error in the dclock screensaver in xlockmore, users who explicitly use this screensaver or a random mix of screensavers using something like "xlockmore -mode random" may have their screen unlocked unexpectedly at a random time.

References

CVE Name CVE-2012-4524
Message http://www.openwall.com/lists/oss-security/2012/10/17/10