CVE-2006-6105

EPSS 0.08%
Veröffentlicht 15.12.2006 02:28:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

Format string vulnerability in the host chooser window (gdmchooser) in GNOME Foundation Display Manager (gdm) allows local users to execute arbitrary code via format string specifiers in a hostname, which are used in an error dialog.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 18

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Gnome ≫ Gdm Version2.14.1

Gnome ≫ Gdm Version2.16

Gnome ≫ Gdm Version2.16.1

Gnome ≫ Gdm Version2.16.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.08%	0.232

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	3.1	6.4	AV:L/AC:L/Au:S/C:P/I:P/A:P

http://secunia.com/advisories/23409

http://www.novell.com/linux/security/advisories/2006_29_sr.html

http://ftp.acc.umu.se/pub/GNOME/sources/gdm/2.17/gdm-2.17.4.news

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=453

Vendor Advisory

http://secunia.com/advisories/23381

http://secunia.com/advisories/23385

http://secunia.com/advisories/23387

http://securitytracker.com/id?1017320

Patch

http://securitytracker.com/id?1017383

http://www.mandriva.com/security/advisories?name=MDKSA-2006:231

http://www.osvdb.org/30848

http://www.securityfocus.com/bid/21597

Patch

http://www.ubuntu.com/usn/usn-396-1

http://www.vupen.com/english/advisories/2006/5015

https://exchange.xforce.ibmcloud.com/vulnerabilities/30896

https://nvd.nist.gov/vuln/detail/CVE-2006-6105

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-6105

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-6105

EUVD