Vulnerabilities > Gnome > GDM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-03-31 | CVE-2011-0727 | Link Following vulnerability in Gnome GDM GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users to change the ownership of arbitrary files via a symlink attack on a (1) dmrc or (2) face icon file under /var/cache/gdm/. | 6.9 |
| 2009-09-04 | CVE-2009-2697 | Improper Authentication vulnerability in Gnome GDM The Red Hat build script for the GNOME Display Manager (GDM) before 2.16.0-56 on Red Hat Enterprise Linux (RHEL) 5 omits TCP Wrapper support, which might allow remote attackers to bypass intended access restrictions via XDMCP connections, a different vulnerability than CVE-2007-5079. | 6.8 |
| 2006-12-15 | CVE-2006-6105 | Local Format String vulnerability in GNOME Display Manager GDMChooser Format string vulnerability in the host chooser window (gdmchooser) in GNOME Foundation Display Manager (gdm) allows local users to execute arbitrary code via format string specifiers in a hostname, which are used in an error dialog. | 4.3 |
| 2003-08-27 | CVE-2003-0549 | Denial-Of-Service vulnerability in Kdebase The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) via a short authorization key name. | 5.0 |
| 2003-08-27 | CVE-2003-0548 | Denial-Of-Service vulnerability in Kdebase The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) when a chosen host expires, a different issue than CVE-2003-0549. | 5.0 |
| 2000-06-19 | CVE-2000-0504 | libICE in XFree86 allows remote attackers to cause a denial of service by specifying a large value which is not properly checked by the SKIP_STRING macro. | 5.0 |