CVE-2010-2387: CVE-2010-2387

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2010-2387

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

vicious-extensions/ve-misc.c in GNOME Display Manager (gdm) 2.20.x before 2.20.11, when GDM debug is enabled, logs the user password when it contains invalid UTF8 encoded characters, which might allow local users to gain privileges by reading the information from syslog logs.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

GNOME Display Manager 信任管理漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

GNOME Display Manager（GDM，GNOME显示管理器）是GNOME项目所研发的一种GNOME显示环境的管理器，也是一个图形化登录程序。 GNOME Display Manager (gdm) 2.20.11之前的2.20.x版本中的vicious-extensions/ve-misc.c中存在漏洞，该漏洞源于在GDM debug程序启用的条件下，即便用户密码中包含无效的UTF8编码字符，系统也会将其录入。通过从系统日志读取信息，本地攻击者利用该漏洞获得特权。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2010-2387

#	POC Description	Source Link	Shenlong Link
1	None	https://github.com/LogSec/CVE-2010-2387	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2010-2387

Please Login to view more intelligence information

http://ftp.gnome.org/pub/GNOME/sources/gdm/2.20/gdm-2.20.11.changesx_refsource_CONFIRM
https://blogs.oracle.com/sunsecurity/entry/cve_2010_2387_password_disclosurex_refsource_CONFIRM
https://bugzilla.gnome.org/show_bug.cgi?id=571846x_refsource_CONFIRM
http://secunia.com/advisories/40780third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/40690third-party-advisoryx_refsource_SECUNIA
http://www.osvdb.org/66643vdb-entryx_refsource_OSVDB
http://www.auscert.org.au/13123third-party-advisoryx_refsource_AUSCERT
https://exchange.xforce.ibmcloud.com/vulnerabilities/60642vdb-entryx_refsource_XF
https://nvd.nist.gov/vuln/detail/CVE-2010-2387

New Vulnerabilities

Product: n/a

Vendor: n/a

V. Comments for CVE-2010-2387

No comments yet

Support Us — Your donation helps us keep running

I. Basic Information for CVE-2010-2387

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2010-2387

III. Intelligence Information for CVE-2010-2387

New Vulnerabilities

V. Comments for CVE-2010-2387

Leave a comment