Xscreensaver: >> Xscreensaver >> 4.14 Security Vulnerabilities
rdesktop 1.3.1 with xscreensaver 4.14, and possibly other versions, when running on Fedora and possibly other platforms, does not release the keyboard focus when xscreensaver starts, which causes the password to be entered into the active window when the user unlocks the screen.
CVSS Score
5.4
EPSS Score
0.014
Published
2004-12-31
Xscreensaver 4.14 contains certain debugging code that should have been omitted, which causes Xscreensaver to create temporary files insecurely in the (1) apple2, (2) xanalogtv, and (3) pong screensavers, and allows local users to overwrite arbitrary files via a symlink attack.
CVSS Score
6.4
EPSS Score
0.004
Published
2003-12-31