CVE-2011-0727

GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users to change the ownership of arbitrary files via a symlink attack on a (1) dmrc or (2) face icon file under /var/cache/gdm/.
Link Following
Severity
UNKNOWN
AV:L/AC:M/Au:N/C:C/I:C/A:C
Atk. Vector
LOCAL
Atk. Complexity
MEDIUM
Base Score
CVSS 3.x
EPSS Score
Percentile: 12%
VendorProductVersion
gnomegdm
2.0
gnomegdm
2.2
gnomegdm
2.3
gnomegdm
2.4
gnomegdm
2.5
gnomegdm
2.6
gnomegdm
2.8
gnomegdm
2.13
gnomegdm
2.14
gnomegdm
2.15
gnomegdm
2.16
gnomegdm
2.17
gnomegdm
2.18
gnomegdm
2.19
gnomegdm
2.20
gnomegdm
2.21
gnomegdm
2.22
gnomegdm
2.23
gnomegdm
2.24
gnomegdm
2.25
gnomegdm
2.26
gnomegdm
2.27
gnomegdm
2.28
gnomegdm
2.29
gnomegdm
2.30
gnomegdm
2.31
gnomegdm
2.32
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
gdm3
bullseye
3.38.2.1-1
fixed
bookworm
43.0-3
fixed
sid
47.0-3
fixed
trixie
47.0-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
gdm
maverick
Fixed 2.30.5-0ubuntu4.1
released
lucid
Fixed 2.30.2.is.2.30.0-0ubuntu5.1
released
karmic
Fixed 2.28.1-0ubuntu2.3
released
hardy
not-affected
dapper
ignored
References