Home > Vulnerability Database > CVE-2010-2532

Mend.io Vulnerability Database

CVE-2010-2532

Date: September 3, 2010

lxsession-logout in lxsession in LXDE, as used on SUSE openSUSE 11.3 and other platforms, does not lock the screen when the Suspend or Hibernate button is pressed, which might make it easier for physically proximate attackers to access an unattended laptop via a resume action. NOTE: there is no general agreement that this is a vulnerability, because separate control over locking can be an equally secure, or more secure, behavior in some threat environments.

Severity Score

8.4

Related Resources (8)

Url: http://www.openwall.com/lists/oss-security/2010/07/15/1

Url: http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html

Url: https://bugzilla.novell.com/show_bug.cgi?id=622083

Url: https://bugzilla.redhat.com/show_bug.cgi?id=614608

Url: https://nvd.nist.gov/vuln/detail/CVE-2010-2532

Url: https://bugzillafiles.novell.org/attachment.cgi?id=375737

Url: http://www.openwall.com/lists/oss-security/2010/07/16/4

Url: https://www.mend.io/vulnerability-database/CVE-2010-2532

Severity Score

8.4

Weakness Type (CWE)

Permissions, Privileges, and Access Control

CWE-264

CVSS v3.1

Base Score:	8.4
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	7.2
Access Vector (AV):	LOCAL
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2010-2532

Date: September 3, 2010

Severity Score

Related Resources (8)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?