Mandrake Security Advisory MDVSA-2009:278 (compiz-fusion-plugins-main) Network Vulnerability

Summary

The remote host is missing an update to compiz-fusion-plugins-main announced via advisory MDVSA-2009:278.

Solution

To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:278

Insight

A vulnerability has been found and corrected in compiz-fusion-plugins-main: The Expo plugin in Compiz Fusion 0.7.8 allows local users with physical access to drag the screen saver aside and access the locked desktop by using Expo mouse shortcuts, a related issue to CVE-2007-3920 (CVE-2008-6514). This update fixes this vulnerability. Affected: 2009.0

Severity

Classification

CVE CVE-2007-3920, CVE-2008-6514
CVSS Base Score: 6.2
AV:L/AC:H/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:112 (ipsec-tools)
Mandrake Security Advisory MDVSA-2009:048-1 (epiphany)
Mandrake Security Advisory MDVSA-2009:124-1 (apache)
Mandrake Security Advisory MDVSA-2009:040 (dia)
Mandrake Security Advisory MDVSA-2009:126 (eggdrop)

Take action and discover your vulnerabilities