CVE-2011-0727
gdm3 - privilege escalation
EPSS 0.06%
Description
GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users to change the ownership of arbitrary files via a symlink attack on a (1) dmrc or (2) face icon file under /var/cache/gdm/.
How to fix CVE-2011-0727
To remediate CVE-2011-0727, upgrade the affected package to a fixed version below.
- Debian/gdm3—upgrade to 2.30.5-9 or later
- Debian/gdm3—upgrade to 2.30.5-6squeeze2 or later
Is CVE-2011-0727 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 2.30.5-9
- from 0, < 2.30.5-6squeeze2