Privilege Escalation Vulnerability in GNOME Display Manager by GNOME
CVE-2011-1709

Currently unrated

Key Information:

Vendor

Gnome
Status
Gdm
Vendor
CVE Published:
14 June 2011

What is CVE-2011-1709?

An issue in GNOME Display Manager prior to version 2.32.2, when using glib version 2.28, permits local users to execute a web browser with the UID of the gdm account. This misconfiguration can be exploited through vectors involving the x-scheme-handler/http MIME type, potentially allowing unauthorized access to higher privileges.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://ftp.gnome.org/pub/GNOME/sources/gdm/2.32/gdm-2.32....
x_refsource_CONFIRM
http://git.gnome.org/browse/gdm/commit/?id=d13dd72531599a...
x_refsource_CONFIRM
http://secunia.com/advisories/44797
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.