Launchpad.net

CVE 2007-3920

GNOME screensaver 2.20 in Ubuntu 7.10, when used with Compiz, does not properly reserve input focus, which allows attackers with physical access to take control of the session after entering an Alt-Tab sequence, a related issue to CVE-2007-3069.

Related bugs and status

CVE-2007-3920 (Candidate) is related to these bugs:

Bug #145123: Keyboard shortcut works even when the screen is locked

		In	Importance	Status
145123	Keyboard shortcut works even when the screen is locked	gnome-screensaver (Ubuntu)	High	Fix Released
145123	Keyboard shortcut works even when the screen is locked	gnome-screensaver (Ubuntu Gutsy)	High	Fix Released
145123	Keyboard shortcut works even when the screen is locked	compiz (Ubuntu)	Undecided	Invalid
145123	Keyboard shortcut works even when the screen is locked	compiz (Ubuntu Gutsy)	Undecided	Fix Released
145123	Keyboard shortcut works even when the screen is locked	compiz (Ubuntu Hardy)	Undecided	Invalid
145123	Keyboard shortcut works even when the screen is locked	gnome-screensaver (Ubuntu Hardy)	High	Fix Released
145123	Keyboard shortcut works even when the screen is locked	GNOME Screensaver	Medium	Unknown

See the

CVE page on Mitre.org for more details.

References

UBUNTU: USN-537-1
BID: 26188
SECUNIA: 27381
UBUNTU: USN-537-2
CONFIRM: https://bugzilla.redha...
CONFIRM: https://bugzilla.redha...
FEDORA: FEDORA-2008-0930
FEDORA: FEDORA-2008-0956
SECUNIA: 28627
REDHAT: RHSA-2008:0485
SECUNIA: 30329
SUSE: SUSE-SA:2008:027
SECUNIA: 30715
XF: gnomescreensaver-compi...
OVAL: oval:org.mitre.oval:de...