CVE-2010-2387

vicious-extensions/ve-misc.c in GNOME Display Manager (gdm) 2.20.x before 2.20.11, when GDM debug is enabled, logs the user password when it contains invalid UTF8 encoded characters, which might allow local users to gain privileges by reading the information from syslog logs.

Published : 2012-12-21 05:46 Updated : 2017-08-17 01:32

1.9
CVSS Score More info
Score 1.9 / 10
1.9
Vendor Product Version URI
Gnome Gnome Display Manager 2.20.1 cpe:/a:gnome:gnome_display_manager:2.20.1
Gnome Gnome Display Manager 2.20.6 cpe:/a:gnome:gnome_display_manager:2.20.6
Gnome Gnome Display Manager 2.20.3 cpe:/a:gnome:gnome_display_manager:2.20.3
Gnome Gnome Display Manager 2.20.0 cpe:/a:gnome:gnome_display_manager:2.20.0
Gnome Gnome Display Manager 2.20.2 cpe:/a:gnome:gnome_display_manager:2.20.2
Gnome Gnome Display Manager 2.20.9 cpe:/a:gnome:gnome_display_manager:2.20.9
Gnome Gnome Display Manager 2.20.10 cpe:/a:gnome:gnome_display_manager:2.20.10
Gnome Gnome Display Manager 2.20.8 cpe:/a:gnome:gnome_display_manager:2.20.8
Gnome Gnome Display Manager 2.20.5 cpe:/a:gnome:gnome_display_manager:2.20.5
Gnome Gnome Display Manager 2.20.7 cpe:/a:gnome:gnome_display_manager:2.20.7
Gnome Gnome Display Manager 2.20.4 cpe:/a:gnome:gnome_display_manager:2.20.4
  1. Gnome (1) Search CVE
    1. Gnome Display Manager (11) Search CVE
      1. 2.20.1
      2. 2.20.6
      3. 2.20.3
      4. 2.20.0
      5. 2.20.2
      6. 2.20.9
      7. 2.20.10
      8. 2.20.8
      9. 2.20.5
      10. 2.20.7
      11. 2.20.4

CWE

ID Name Description Links
CWE-255 Credentials Management Weaknesses in this category are related to the management of credentials. CVE

History of changes

Date Event
2017-08-17 06:25
2012-12-21 05:46

New CVE