CVE-2012-0064

xkeyboard-config before 2.5 in X.Org before 7.6 enables certain XKB debugging functions by default, which allows physically proximate attackers to bypass an X screen lock via keyboard combinations that break the input grab.

Affected Software

Name	Vendor	Start Version	End Version
X.org_x11	X	*	7.5 (including)
X.org_x11	X	1.0 (including)	1.0 (including)
X.org_x11	X	3.0 (including)	3.0 (including)
X.org_x11	X	4.0 (including)	4.0 (including)
X.org_x11	X	5.0 (including)	5.0 (including)
X.org_x11	X	6.0 (including)	6.0 (including)
X.org_x11	X	6.1 (including)	6.1 (including)
X.org_x11	X	6.3 (including)	6.3 (including)
X.org_x11	X	6.4 (including)	6.4 (including)
X.org_x11	X	6.5.1 (including)	6.5.1 (including)
X.org_x11	X	6.6 (including)	6.6 (including)
X.org_x11	X	6.7 (including)	6.7 (including)
X.org_x11	X	6.8 (including)	6.8 (including)
X.org_x11	X	6.8.1 (including)	6.8.1 (including)
X.org_x11	X	6.8.2 (including)	6.8.2 (including)
X.org_x11	X	6.9.0 (including)	6.9.0 (including)
X.org_x11	X	7.0 (including)	7.0 (including)
X.org_x11	X	7.1 (including)	7.1 (including)
X.org_x11	X	7.2 (including)	7.2 (including)
X.org_x11	X	7.3 (including)	7.3 (including)
X.org_x11	X	7.4 (including)	7.4 (including)
X.org_x11	X	7.5 (including)	7.5 (including)
Xkeyboard-config	Xkeyboard_config_project	*	2.4 (including)
Xkeyboard-config	Xkeyboard_config_project	2.0 (including)	2.0 (including)
Xkeyboard-config	Xkeyboard_config_project	2.1 (including)	2.1 (including)
Xkeyboard-config	Xkeyboard_config_project	2.2 (including)	2.2 (including)
Xkeyboard-config	Xkeyboard_config_project	2.3 (including)	2.3 (including)
Xorg-server	Ubuntu	hardy	*
Xorg-server	Ubuntu	upstream	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-0064
CWE	https://cwe.mitre.org/data/definitions/264.html

Affected Software

References