Unrated severityNVD Advisory· Published Jun 9, 2006· Updated Apr 16, 2026

CVE-2006-2452

Description

GNOME GDM 2.8, 2.12, 2.14, and 2.15, when the "face browser" feature is enabled, allows local users to access the "Configure Login Manager" functionality using their own password instead of the root password, which can be leveraged to gain additional privileges.

Affected products

GNOME Foundation/Gdm4 versions
cpe:2.3:a:gnome:gdm:2.8:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:gnome:gdm:2.8:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gdm:2.12:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gdm:2.14:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:gdm:2.15:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

bugzilla.gnome.org/show_bug.cginvd
lists.suse.com/archive/suse-security-announce/2006-Jun/0003.htmlnvd
secunia.com/advisories/20532nvd
secunia.com/advisories/20552nvd
secunia.com/advisories/20587nvd
secunia.com/advisories/20627nvd
secunia.com/advisories/20636nvd
www.gentoo.org/security/en/glsa/glsa-200606-14.xmlnvd
www.mandriva.com/security/advisoriesnvd
www.securityfocus.com/archive/1/436428nvd
www.securityfocus.com/bid/18332nvd
www.vupen.com/english/advisories/2006/2239nvd
exchange.xforce.ibmcloud.com/vulnerabilities/27018nvd
usn.ubuntu.com/293-1/nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000