What is CVE-2011-0727?

CVE-2011-0727 is a vulnerability in Gnome Gdm, classified under Improper Link Resolution Before File Access. Published 2011-03-31.

Is CVE-2011-0727 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Gnome Gdm

CVE-2011-0727

GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users to change the ownership of arbitrary files via a symlink attack on a (1) dmrc or (2) face icon file under /var/cache/gdm/.

EPSS: 0.001 (20.3th percentile) — read the EPSS interpretation.

Affected products

Gnome Gdm — versions 2.0, 2.2, 2.3
N/a — versions n/a

Weakness classification (CWE)

CWE-59 — Improper Link Resolution Before File Access

Public proof-of-concept exploits

c-skills/CVEs

References

USN-1099-1 (x_refsource_UBUNTU, vendor-advisory)
43714 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
1025264 (vdb-entry, x_refsource_SECTRACK)
FEDORA-2011-4351 (x_refsource_FEDORA, vendor-advisory)
43854 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
ADV-2011-0847 (vdb-entry, x_refsource_VUPEN)
ADV-2011-0787 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
display-manager-priv-escalation(66377) (vdb-entry, x_refsource_XF)
ADV-2011-0911 (vdb-entry, x_refsource_VUPEN)
MDVSA-2011:070 (vendor-advisory, x_refsource_MANDRIVA)

Frequently asked questions

What is CVE-2011-0727?: CVE-2011-0727 is a vulnerability in Gnome Gdm, classified under Improper Link Resolution Before File Access. Published 2011-03-31.
Is CVE-2011-0727 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.