CyberSec.Space Logo
CVEブラウザに戻る

CVE-2011-0727

MEDIUM
6.9
CVSS Severity Score
EPSS Score0.0280%
EPSS Percentile20.99th
Published2011年3月31日
Last Modified2026年4月29日

Vulnerability Description

GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users to change the ownership of arbitrary files via a symlink attack on a (1) dmrc or (2) face icon file under /var/cache/gdm/.

Affected Platforms (CPE)

📦
Gnome

Gdm

= 2.0
📦
Gnome

Gdm

= 2.2
📦
Gnome

Gdm

= 2.3
📦
Gnome

Gdm

= 2.4
📦
Gnome

Gdm

= 2.5
📦
Gnome

Gdm

= 2.6
📦
Gnome

Gdm

= 2.8
📦
Gnome

Gdm

= 2.13
📦
Gnome

Gdm

= 2.14
📦
Gnome

Gdm

= 2.15
📦
Gnome

Gdm

= 2.16
📦
Gnome

Gdm

= 2.17
📦
Gnome

Gdm

= 2.18
📦
Gnome

Gdm

= 2.19
📦
Gnome

Gdm

= 2.20
📦
Gnome

Gdm

= 2.21
📦
Gnome

Gdm

= 2.22
📦
Gnome

Gdm

= 2.23
📦
Gnome

Gdm

= 2.24
📦
Gnome

Gdm

= 2.25
📦
Gnome

Gdm

= 2.26
📦
Gnome

Gdm

= 2.27
📦
Gnome

Gdm

= 2.28
📦
Gnome

Gdm

= 2.29
📦
Gnome

Gdm

= 2.30
📦
Gnome

Gdm

= 2.31
📦
Gnome

Gdm

= 2.32

References & Advisories

🔗 http://ftp.gnome.org/pub/GNOME/sources/gdm/2.32/gdm-2.32.1.news
🔗 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057333.html
🔗 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057931.html
🔗 http://mail.gnome.org/archives/gdm-list/2011-March/msg00020.html
🔗 http://secunia.com/advisories/43714
🔗 http://secunia.com/advisories/43854
🔗 http://secunia.com/advisories/44021
🔗 http://securitytracker.com/id?1025264

関連する脆弱性情報

CVE-2000-049110.0

Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or ...

CVE-2018-144247.8

The daemon in GDM through 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, whic...

CVE-2015-74967.2

GNOME Display Manager (gdm) before 3.18.2 allows physically proximate attackers to bypass the lock screen by holding the Escape ke...

CVE-2011-17097.2

GNOME Display Manager (gdm) before 2.32.2, when glib 2.28 is used, enables execution of a web browser with the uid of the gdm acco...