1.9
CVE-2010-2387
- EPSS 0.52%
- Veröffentlicht 21.12.2012 05:46:13
- Zuletzt bearbeitet 16.06.2026 23:20:39
- Quelle secalert_us@oracle.com
- CVE-Watchlists
- Unerledigt
vicious-extensions/ve-misc.c in GNOME Display Manager (gdm) 2.20.x before 2.20.11, when GDM debug is enabled, logs the user password when it contains invalid UTF8 encoded characters, which might allow local users to gain privileges by reading the information from syslog logs.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Gnome ≫ Gnome Display Manager Version2.20.0
Gnome ≫ Gnome Display Manager Version2.20.1
Gnome ≫ Gnome Display Manager Version2.20.2
Gnome ≫ Gnome Display Manager Version2.20.3
Gnome ≫ Gnome Display Manager Version2.20.4
Gnome ≫ Gnome Display Manager Version2.20.5
Gnome ≫ Gnome Display Manager Version2.20.6
Gnome ≫ Gnome Display Manager Version2.20.7
Gnome ≫ Gnome Display Manager Version2.20.8
Gnome ≫ Gnome Display Manager Version2.20.9
Gnome ≫ Gnome Display Manager Version2.20.10
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.52% | 0.402 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 1.9 | 3.4 | 2.9 |
AV:L/AC:M/Au:N/C:P/I:N/A:N
|
http://ftp.gnome.org/pub/GNOME/sources/gdm/2.20/gdm-2.20.11.changes
http://secunia.com/advisories/40690
http://secunia.com/advisories/40780
http://www.auscert.org.au/13123
http://www.osvdb.org/66643
https://blogs.oracle.com/sunsecurity/entry/cve_2010_2387_password_disclosure
https://bugzilla.gnome.org/show_bug.cgi?id=571846
https://exchange.xforce.ibmcloud.com/vulnerabilities/60642