vulnerability

Debian: CVE-2016-10894: xtrlock -- security update

Severity
2
CVSS
(AV:L/AC:L/Au:N/C:N/I:P/A:N)
Published
Aug 16, 2019
Added
Oct 16, 2019
Modified
Mar 2, 2020

Description

xtrlock through 2.10 does not block multitouch events. Consequently, an attacker at a locked screen can send input to (and thus control) various programs such as Chromium via events such as pan scrolling, "pinch and zoom" gestures, or even regular mouse clicks (by depressing the touchpad once and then clicking with a different finger).

Solution

debian-upgrade-xtrlock
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.