Candidate: CVE-2014-1949
PublicDate: 2015-01-16 16:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1949
 http://www.openwall.com/lists/oss-security/2014/02/12/7
Description:
 GTK+ 3.10.9 and earlier, as used in cinnamon-screensaver,
 gnome-screensaver, and other applications, allows physically proximate
 attackers to bypass the lock screen by pressing the menu button.
Ubuntu-Description:
Notes:
 mdeslaur> although this issue was reported against cinnamon-screensaver,
 mdeslaur> the actual problem lies in gtk+3.0, and also affects
 mdeslaur> gnome-screensaver
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=738828
 https://bugs.launchpad.net/ubuntu/+source/gtk+3.0/+bug/1366790
Priority: medium
Discovered-by: Clemens Fries
Assigned-to: mdeslaur
CVSS: 

Patches_gtk+3.0:
upstream_gtk+3.0: needed
lucid_gtk+3.0: DNE
precise_gtk+3.0: not-affected
trusty_gtk+3.0: released (3.10.8-0ubuntu1.4)
trusty/esm_gtk+3.0: DNE (trusty was released [3.10.8-0ubuntu1.4])
utopic_gtk+3.0: not-affected
devel_gtk+3.0: not-affected