CVE-2011-1709

N/A Unknown

Published: June 14, 2011 Modified: April 29, 2026

Description

GNOME Display Manager (gdm) before 2.32.2, when glib 2.28 is used, enables execution of a web browser with the uid of the gdm account, which allows local users to gain privileges via vectors involving the x-scheme-handler/http MIME type.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://ftp.gnome.org/pub/GNOME/sources/gdm/2.32/gdm-2.32.2.news

Source: cve@mitre.org

http://git.gnome.org/browse/gdm/commit/?id=d13dd72531599ab7e4c747db3b58a8c17753e08d

Source: cve@mitre.org

Patch

http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061264.html

Source: cve@mitre.org

http://secunia.com/advisories/44797

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/44808

Source: cve@mitre.org

http://www.securityfocus.com/bid/48084

Source: cve@mitre.org

http://www.ubuntu.com/usn/USN-1142-1

Source: cve@mitre.org

https://bugzilla.redhat.com/show_bug.cgi?id=709139

Source: cve@mitre.org

Patch

https://hermes.opensuse.org/messages/8643655

Source: cve@mitre.org

http://ftp.gnome.org/pub/GNOME/sources/gdm/2.32/gdm-2.32.2.news