CVE-2013-4169 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6.9 UNKNOWN	LOCAL	MEDIUM		AV:L/AC:M/Au:N/C:C/I:C/A:C
redhat	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 7%

Vendor	Product	Version
gnome	gnome_display_manager	𝑥 ≤ 2.21
gnome	gnome_display_manager	0.7
gnome	gnome_display_manager	1.0
gnome	gnome_display_manager	2.0
gnome	gnome_display_manager	2.2
gnome	gnome_display_manager	2.13
gnome	gnome_display_manager	2.14
gnome	gnome_display_manager	2.14.1
gnome	gnome_display_manager	2.14.2
gnome	gnome_display_manager	2.14.3
gnome	gnome_display_manager	2.14.4
gnome	gnome_display_manager	2.14.5
gnome	gnome_display_manager	2.14.6
gnome	gnome_display_manager	2.14.7
gnome	gnome_display_manager	2.14.8
gnome	gnome_display_manager	2.14.9
gnome	gnome_display_manager	2.14.10
gnome	gnome_display_manager	2.14.11
gnome	gnome_display_manager	2.14.12
gnome	gnome_display_manager	2.15
gnome	gnome_display_manager	2.16
gnome	gnome_display_manager	2.16.1
gnome	gnome_display_manager	2.16.2
gnome	gnome_display_manager	2.17
gnome	gnome_display_manager	2.18
gnome	gnome_display_manager	2.18.1
gnome	gnome_display_manager	2.18.2
gnome	gnome_display_manager	2.18.3
gnome	gnome_display_manager	2.19
gnome	gnome_display_manager	2.19.1
gnome	gnome_display_manager	2.19.2
gnome	gnome_display_manager	2.19.3
gnome	gnome_display_manager	2.19.4
gnome	gnome_display_manager	2.20.0
gnome	gnome_display_manager	2.20.1
gnome	gnome_display_manager	2.20.2
gnome	gnome_display_manager	2.20.3
gnome	gnome_display_manager	2.20.4
gnome	gnome_display_manager	2.20.5
gnome	gnome_display_manager	2.20.6
gnome	gnome_display_manager	2.20.7
gnome	gnome_display_manager	2.20.8
gnome	gnome_display_manager	2.20.9
gnome	gnome_display_manager	2.20.10

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

gdm3

bullseye	3.38.2.1-1 fixed
bookworm	43.0-3 fixed
sid	47.0-3 fixed
trixie	47.0-3 fixed

Ubuntu Releases

Ubuntu Product

Codename

gdm

raring	not-affected
quantal	not-affected
precise	not-affected
lucid	ignored

Common Weakness Enumeration

CWE-59 - Improper Link Resolution Before File Access ('Link Following')
The software attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

References

http://rhn.redhat.com/errata/RHSA-2013-1213.html

http://secunia.com/advisories/54661

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=988498

http://rhn.redhat.com/errata/RHSA-2013-1213.html

http://secunia.com/advisories/54661

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=988498