Format String Vulnerability in GNOME Foundation Display Manager gdm
CVE-2006-6105

Currently unrated

Key Information:

Vendor
Gnome
Status
Gdm
Vendor
CVE Published:
15 December 2006

Summary

The vulnerability in the GNOME Foundation Display Manager's host chooser window (gdmchooser) allows local users to inject format string specifiers in a hostname. This flaw can be exploited to execute arbitrary code within the context of the application, potentially compromising system integrity and security. The error dialog handling fails to sanitize user inputs adequately, making it possible for attackers to alter the application's behavior through carefully crafted input.

References

http://secunia.com/advisories/23385
third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/23387
third-party-advisoryx_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/5015
vdb-entryx_refsource_VUPEN

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2006-6105 : Format String Vulnerability in GNOME Foundation Display Manager gdm | SecurityVulnerability.io