CVE-2003-0547

6 documents5 sources

Severity

2.1LOW

EPSS

0.1%

top 70.45%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Gnome GDM Redhat Kdebase

Timeline

PublishedAug 27

Latest updateApr 29

Description

GDM before 2.4.1.6, when using the "examine session errors" feature, allows local users to read arbitrary files via a symlink attack on the ~/.xsession-errors file.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages2 packages

▶NVDgnome/gdm7 versions+6

▶NVDredhat/kdebase2.4.0.7.13, 2.4.1.3.5+1

Patches

Patch: www.redhat.com ↗Patch: www.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-q6fq-g7c2-m78j: GDM before 2↗2022-04-29

▶

CVEList

CVE-2003-0547: GDM before 2↗2003-08-22

▶

📋Vendor Advisories

Red Hat

security flaw↗2003-08-20

▶

💬Community

Bugzilla

CVE-2003-0547 security flaw↗2018-08-16

▶

Bugzilla

CAN-2003-0548/9 XDMCP GDM DoS↗2003-08-15

▶