VYPR

Gnome Display Manager

by GNOME Foundation

CVEs (7)

  • CVE-2015-7496Nov 24, 2015
    risk 0.00cvss epss 0.00

    GNOME Display Manager (gdm) before 3.18.2 allows physically proximate attackers to bypass the lock screen by holding the Escape key.

  • CVE-2013-7273Apr 29, 2014
    risk 0.00cvss epss 0.00

    GNOME Display Manager (gdm) 3.4.1 and earlier, when disable-user-list is set to true, allows local users to cause a denial of service (unable to login) by pressing the cancel button after entering a user name.

  • CVE-2013-4169Sep 10, 2013
    risk 0.00cvss epss 0.00

    GNOME Display Manager (gdm) before 2.21.1 allows local users to change permissions of arbitrary directories via a symlink attack on /tmp/.X11-unix/.

  • CVE-2010-2387Dec 21, 2012
    risk 0.00cvss epss 0.01

    vicious-extensions/ve-misc.c in GNOME Display Manager (gdm) 2.20.x before 2.20.11, when GDM debug is enabled, logs the user password when it contains invalid UTF8 encoded characters, which might allow local users to gain privileges by reading the information from syslog logs.

  • CVE-2011-1709Jun 14, 2011
    risk 0.00cvss epss 0.00

    GNOME Display Manager (gdm) before 2.32.2, when glib 2.28 is used, enables execution of a web browser with the uid of the gdm account, which allows local users to gain privileges via vectors involving the x-scheme-handler/http MIME type.

  • CVE-2011-0727Mar 31, 2011
    risk 0.00cvss epss 0.00

    GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users to change the ownership of arbitrary files via a symlink attack on a (1) dmrc or (2) face icon file under /var/cache/gdm/.

  • CVE-2006-6105Dec 15, 2006
    risk 0.00cvss epss 0.00

    Format string vulnerability in the host chooser window (gdmchooser) in GNOME Foundation Display Manager (gdm) allows local users to execute arbitrary code via format string specifiers in a hostname, which are used in an error dialog.