vulnerability
Debian: CVE-2016-10894: xtrlock -- security update
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
2 | (AV:L/AC:L/Au:N/C:N/I:P/A:N) | Aug 16, 2019 | Oct 16, 2019 | Mar 2, 2020 |
Severity
2
CVSS
(AV:L/AC:L/Au:N/C:N/I:P/A:N)
Published
Aug 16, 2019
Added
Oct 16, 2019
Modified
Mar 2, 2020
Description
xtrlock through 2.10 does not block multitouch events. Consequently, an attacker at a locked screen can send input to (and thus control) various programs such as Chromium via events such as pan scrolling, "pinch and zoom" gestures, or even regular mouse clicks (by depressing the touchpad once and then clicking with a different finger).
Solution
debian-upgrade-xtrlock

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.