CVE-2014-1949

Name: CVE-2014-1949
Creator: NVD / NIST
Published: 2015-01-16T16:59:00.047+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.33%

Last modified Jun 17, 2026

CVE-2014-1949 is a vulnerability of currently unknown severity. GTK+ 3.10.9 and earlier, as used in cinnamon-screensaver, gnome-screensaver, and other applications, allows physically proximate attackers to bypass the lock screen by pressing the menu button.. EPSS estimates a 0.33% chance of exploitation in the next 30 days.

Description

GTK+ 3.10.9 and earlier, as used in cinnamon-screensaver, gnome-screensaver, and other applications, allows physically proximate attackers to bypass the lock screen by pressing the menu button.

Metrics

EPSS Probability

0.33%

24.7th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-284

Affected Software

Vendor	Product	Versions
Linuxmint	Linux Mint	17.0
Gnome	Gtk	<= 3.10.9
Canonical	Ubuntu	14.04

References

http://advisories.mageia.org/MGASA-2014-0374.htmlThird Party Advisory
http://seclists.org/oss-sec/2014/q1/327Mailing List, Third Party Advisory
http://seclists.org/oss-sec/2014/q1/331Mailing List, Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2015:162Broken Link
http://www.ubuntu.com/usn/USN-2475-1Third Party Advisory
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759145Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1064695Issue Tracking
https://github.com/linuxmint/cinnamon-screensaver/issues/44Third Party Advisory
http://advisories.mageia.org/MGASA-2014-0374.htmlThird Party Advisory
http://seclists.org/oss-sec/2014/q1/327Mailing List, Third Party Advisory
http://seclists.org/oss-sec/2014/q1/331Mailing List, Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2015:162Broken Link
http://www.ubuntu.com/usn/USN-2475-1Third Party Advisory
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759145Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1064695Issue Tracking
https://github.com/linuxmint/cinnamon-screensaver/issues/44Third Party Advisory

Timeline

Published: Jan 16, 2015
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2014-1949?

GTK+ 3.10.9 and earlier, as used in cinnamon-screensaver, gnome-screensaver, and other applications, allows physically proximate attackers to bypass the lock screen by pressing the menu button.

How severe is CVE-2014-1949?

Severity scoring for CVE-2014-1949 is pending analysis. The EPSS model estimates a 0.33% probability of exploitation in the next 30 days.

How do I fix CVE-2014-1949?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2014-1949?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST