7.2

CVE-2011-1709

GNOME Display Manager (gdm) before 2.32.2, when glib 2.28 is used, enables execution of a web browser with the uid of the gdm account, which allows local users to gain privileges via vectors involving the x-scheme-handler/http MIME type.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GnomeGdm Version1.0
   GnomeGlib Version2.28
GnomeGdm Version2.0
   GnomeGlib Version2.28
GnomeGdm Version2.2
   GnomeGlib Version2.28
GnomeGdm Version2.3
   GnomeGlib Version2.28
GnomeGdm Version2.4
   GnomeGlib Version2.28
GnomeGdm Version2.5
   GnomeGlib Version2.28
GnomeGdm Version2.6
   GnomeGlib Version2.28
GnomeGdm Version2.8
   GnomeGlib Version2.28
GnomeGdm Version2.13
   GnomeGlib Version2.28
GnomeGdm Version2.14
   GnomeGlib Version2.28
GnomeGdm Version2.15
   GnomeGlib Version2.28
GnomeGdm Version2.16
   GnomeGlib Version2.28
GnomeGdm Version2.17
   GnomeGlib Version2.28
GnomeGdm Version2.18
   GnomeGlib Version2.28
GnomeGdm Version2.19
   GnomeGlib Version2.28
GnomeGdm Version2.20
   GnomeGlib Version2.28
GnomeGdm Version2.21
   GnomeGlib Version2.28
GnomeGdm Version2.22
   GnomeGlib Version2.28
GnomeGdm Version2.23
   GnomeGlib Version2.28
GnomeGdm Version2.24
   GnomeGlib Version2.28
GnomeGdm Version2.25
   GnomeGlib Version2.28
GnomeGdm Version2.26
   GnomeGlib Version2.28
GnomeGdm Version2.27
   GnomeGlib Version2.28
GnomeGdm Version2.28
   GnomeGlib Version2.28
GnomeGdm Version2.29
   GnomeGlib Version2.28
GnomeGdm Version2.30
   GnomeGlib Version2.28
GnomeGdm Version2.31
   GnomeGlib Version2.28
GnomeGdm Version2.32
   GnomeGlib Version2.28
GnomeGdm Version2.32.1
   GnomeGlib Version2.28
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.43% 0.343
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://ftp.gnome.org/pub/GNOME/sources/gdm/2.32/gdm-2.32.2.news
http://git.gnome.org/browse/gdm/commit/?id=d13dd72531599ab7e4c747db3b58a8c17753e08d
Patch
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061264.html
http://secunia.com/advisories/44797
Vendor Advisory
http://secunia.com/advisories/44808
http://www.securityfocus.com/bid/48084
http://www.ubuntu.com/usn/USN-1142-1
https://bugzilla.redhat.com/show_bug.cgi?id=709139
Patch
https://hermes.opensuse.org/messages/8643655