CyberSec.Space Logo
Back to CVE Browser

CVE-2011-0727

MEDIUM
6.9
CVSS Severity Score
EPSS Score0.0280%
EPSS Percentile20.99th
PublishedMar 31, 2011
Last ModifiedApr 29, 2026

Vulnerability Description

GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users to change the ownership of arbitrary files via a symlink attack on a (1) dmrc or (2) face icon file under /var/cache/gdm/.

Affected Platforms (CPE)

πŸ“¦
Gnome

Gdm

= 2.0
πŸ“¦
Gnome

Gdm

= 2.2
πŸ“¦
Gnome

Gdm

= 2.3
πŸ“¦
Gnome

Gdm

= 2.4
πŸ“¦
Gnome

Gdm

= 2.5
πŸ“¦
Gnome

Gdm

= 2.6
πŸ“¦
Gnome

Gdm

= 2.8
πŸ“¦
Gnome

Gdm

= 2.13
πŸ“¦
Gnome

Gdm

= 2.14
πŸ“¦
Gnome

Gdm

= 2.15
πŸ“¦
Gnome

Gdm

= 2.16
πŸ“¦
Gnome

Gdm

= 2.17
πŸ“¦
Gnome

Gdm

= 2.18
πŸ“¦
Gnome

Gdm

= 2.19
πŸ“¦
Gnome

Gdm

= 2.20
πŸ“¦
Gnome

Gdm

= 2.21
πŸ“¦
Gnome

Gdm

= 2.22
πŸ“¦
Gnome

Gdm

= 2.23
πŸ“¦
Gnome

Gdm

= 2.24
πŸ“¦
Gnome

Gdm

= 2.25
πŸ“¦
Gnome

Gdm

= 2.26
πŸ“¦
Gnome

Gdm

= 2.27
πŸ“¦
Gnome

Gdm

= 2.28
πŸ“¦
Gnome

Gdm

= 2.29
πŸ“¦
Gnome

Gdm

= 2.30
πŸ“¦
Gnome

Gdm

= 2.31
πŸ“¦
Gnome

Gdm

= 2.32

References & Advisories

πŸ”— http://ftp.gnome.org/pub/GNOME/sources/gdm/2.32/gdm-2.32.1.news
πŸ”— http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057333.html
πŸ”— http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057931.html
πŸ”— http://mail.gnome.org/archives/gdm-list/2011-March/msg00020.html
πŸ”— http://secunia.com/advisories/43714
πŸ”— http://secunia.com/advisories/43854
πŸ”— http://secunia.com/advisories/44021
πŸ”— http://securitytracker.com/id?1025264

Related Vulnerabilities

CVE-2000-049110.0

Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or ...

CVE-2018-144247.8

The daemon in GDM through 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, whic...

CVE-2015-74967.2

GNOME Display Manager (gdm) before 3.18.2 allows physically proximate attackers to bypass the lock screen by holding the Escape ke...

CVE-2011-17097.2

GNOME Display Manager (gdm) before 2.32.2, when glib 2.28 is used, enables execution of a web browser with the uid of the gdm acco...