4.3

CVE-2006-6105

Format string vulnerability in the host chooser window (gdmchooser) in GNOME Foundation Display Manager (gdm) allows local users to execute arbitrary code via format string specifiers in a hostname, which are used in an error dialog.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GnomeGdm Version2.14.1
GnomeGdm Version2.16
GnomeGdm Version2.16.1
GnomeGdm Version2.16.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.4% 0.313
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 3.1 6.4
AV:L/AC:L/Au:S/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/23409
http://www.novell.com/linux/security/advisories/2006_29_sr.html
http://ftp.acc.umu.se/pub/GNOME/sources/gdm/2.17/gdm-2.17.4.news
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=453
Vendor Advisory
http://secunia.com/advisories/23381
http://secunia.com/advisories/23385
http://secunia.com/advisories/23387
http://securitytracker.com/id?1017320
Patch
http://securitytracker.com/id?1017383
http://www.mandriva.com/security/advisories?name=MDKSA-2006:231
http://www.osvdb.org/30848
http://www.securityfocus.com/bid/21597
Patch
http://www.ubuntu.com/usn/usn-396-1
http://www.vupen.com/english/advisories/2006/5015
https://exchange.xforce.ibmcloud.com/vulnerabilities/30896