CVE-2007-1859

N/A Unknown
Published: May 02, 2007 Modified: April 23, 2026
View on NVD

Description

XScreenSaver 4.10, when using a remote directory service for credentials, does not properly handle the results from the getpwuid function in drivers/lock.c when there is no network connectivity, which causes XScreenSaver to crash and unlock the screen and allows local users to bypass authentication.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://osvdb.org/35531
Source: secalert@redhat.com
http://secunia.com/advisories/25065
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/25105
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/25116
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/25118
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/25119
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/25225
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/25610
Source: secalert@redhat.com
http://security.gentoo.org/glsa/glsa-200705-14.xml
Source: secalert@redhat.com
http://www.mandriva.com/security/advisories?name=MDKSA-2007:097
Source: secalert@redhat.com
http://www.novell.com/linux/security/advisories/2007_9_sr.html
Source: secalert@redhat.com
http://www.redhat.com/support/errata/RHSA-2007-0322.html
Source: secalert@redhat.com
Patch Vendor Advisory
http://www.securityfocus.com/bid/23783
Source: secalert@redhat.com
http://www.securitytracker.com/id?1017996
Source: secalert@redhat.com
http://www.ubuntu.com/usn/usn-474-1
Source: secalert@redhat.com
https://exchange.xforce.ibmcloud.com/vulnerabilities/34054
Source: secalert@redhat.com
https://issues.rpath.com/browse/RPL-1293
Source: secalert@redhat.com
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11459
Source: secalert@redhat.com
http://osvdb.org/35531
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/25065
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/25105
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/25116
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/25118
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/25119
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/25225
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/25610
Source: af854a3a-2127-422b-91ae-364da2661108
http://security.gentoo.org/glsa/glsa-200705-14.xml
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.mandriva.com/security/advisories?name=MDKSA-2007:097
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.novell.com/linux/security/advisories/2007_9_sr.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2007-0322.html
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://www.securityfocus.com/bid/23783
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securitytracker.com/id?1017996
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.ubuntu.com/usn/usn-474-1
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/34054
Source: af854a3a-2127-422b-91ae-364da2661108
https://issues.rpath.com/browse/RPL-1293
Source: af854a3a-2127-422b-91ae-364da2661108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11459
Source: af854a3a-2127-422b-91ae-364da2661108

36 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.1%
25th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-287

Affected Vendors

xscreensaver redhat

Related CVEs

CVE-2026-8657 8.2
CVE-2026-8656 6.1
CVE-2026-8681 5.3
CVE-2026-8704 N/A
CVE-2026-8700 N/A