What is the severity of CVE-2011-1709?

CVE-2011-1709 is classified as a moderate severity vulnerability.

How do I fix CVE-2011-1709?

To fix CVE-2011-1709, upgrade GNOME Display Manager to version 2.32.2 or later.

What does CVE-2011-1709 allow an attacker to do?

CVE-2011-1709 allows local users to gain elevated privileges by exploiting the execution of a web browser with the uid of the gdm account.

Which versions of GNOME Display Manager are affected by CVE-2011-1709?

CVE-2011-1709 affects GNOME Display Manager versions prior to 2.32.2.

Is CVE-2011-1709 related to any specific versions of GLib?

Yes, CVE-2011-1709 is specific to GNOME Display Manager when used with GLib version 2.28.

Vulnerability/
CVE-2011-1709

high

7.2

CWE

264

30/5/2011

14/6/2011

6/8/2024

CVE-2011-1709

First published: Mon May 30 2011(Updated: )

GNOME Display Manager (gdm) before 2.32.2, when glib 2.28 is used, enables execution of a web browser with the uid of the gdm account, which allows local users to gain privileges via vectors involving the x-scheme-handler/http MIME type.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
GNOME libraries	=1.0
GNOME libraries	=2.0
GNOME libraries	=2.2
GNOME libraries	=2.3
GNOME libraries	=2.4
GNOME libraries	=2.5
GNOME libraries	=2.6
GNOME libraries	=2.8
GNOME libraries	=2.13
GNOME libraries	=2.14
GNOME libraries	=2.15
GNOME libraries	=2.16
GNOME libraries	=2.17
GNOME libraries	=2.18
GNOME libraries	=2.19
GNOME libraries	=2.20
GNOME libraries	=2.21
GNOME libraries	=2.22
GNOME libraries	=2.23
GNOME libraries	=2.24
GNOME libraries	=2.25
GNOME libraries	=2.26
GNOME libraries	=2.27
GNOME libraries	=2.28
GNOME libraries	=2.29
GNOME libraries	=2.30
GNOME libraries	=2.31
GNOME libraries	=2.32
GNOME libraries	=2.32.1
GNOME libraries	=2.28

Remedy

http://git.gnome.org/browse/gdm/commit/?id=d13dd72531599ab7e4c747db3b58a8c17753e08d

Remedy

https://bugzilla.redhat.com/show_bug.cgi?id=709139

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2011-1709?
CVE-2011-1709 is classified as a moderate severity vulnerability.
How do I fix CVE-2011-1709?
To fix CVE-2011-1709, upgrade GNOME Display Manager to version 2.32.2 or later.
What does CVE-2011-1709 allow an attacker to do?
CVE-2011-1709 allows local users to gain elevated privileges by exploiting the execution of a web browser with the uid of the gdm account.
Which versions of GNOME Display Manager are affected by CVE-2011-1709?
CVE-2011-1709 affects GNOME Display Manager versions prior to 2.32.2.
Is CVE-2011-1709 related to any specific versions of GLib?
Yes, CVE-2011-1709 is specific to GNOME Display Manager when used with GLib version 2.28.

collector/nvd-historical
agent/remedy
agent/first-publish-date
agent/type
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/references
agent/author
agent/weakness
agent/severity
agent/description
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2011-1709
agent/event
agent/trending
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/gnome
canonical/gnome libraries
version/gnome libraries/1.0
version/gnome libraries/2.0
version/gnome libraries/2.2
version/gnome libraries/2.3
version/gnome libraries/2.4
version/gnome libraries/2.5
version/gnome libraries/2.6
version/gnome libraries/2.8
version/gnome libraries/2.13
version/gnome libraries/2.14
version/gnome libraries/2.15
version/gnome libraries/2.16
version/gnome libraries/2.17
version/gnome libraries/2.18
version/gnome libraries/2.19
version/gnome libraries/2.20
version/gnome libraries/2.21
version/gnome libraries/2.22
version/gnome libraries/2.23
version/gnome libraries/2.24
version/gnome libraries/2.25
version/gnome libraries/2.26
version/gnome libraries/2.27
version/gnome libraries/2.28
version/gnome libraries/2.29
version/gnome libraries/2.30
version/gnome libraries/2.31
version/gnome libraries/2.32
version/gnome libraries/2.32.1

CVE-2011-1709

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2011-1709?

How do I fix CVE-2011-1709?

What does CVE-2011-1709 allow an attacker to do?

Which versions of GNOME Display Manager are affected by CVE-2011-1709?

Is CVE-2011-1709 related to any specific versions of GLib?

Company

Resources

Contact