CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
5.1%
GNOME Display Manager (gdm) before 2.32.2, when glib 2.28 is used, enables
execution of a web browser with the uid of the gdm account, which allows
local users to gain privileges via vectors involving the
x-scheme-handler/http MIME type.
Author | Note |
---|---|
jdstrand | Ubuntu 11.04 is affected, but requires a non-standard polickit configuration |