CVE-2003-0547

Published: Aug 27, 2003Modified: Apr 16, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

GDM before 2.4.1.6, when using the "examine session errors" feature, allows local users to read arbitrary files via a symlink attack on the ~/.xsession-errors file.

Affected (9)

Products: Gnome: Gdm · Redhat: Kdebase

1 product

1 product

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Gnome Gdm	Version 2.4.1.1
Gnome Gdm	Version 2.4.1.2
Gnome Gdm	Version 2.4.1.3
Gnome Gdm	Version 2.4.1.4
Gnome Gdm	Version 2.4.1.5
Gnome Gdm	Version 2.4.1.6
Gnome Gdm	Version 2.4.1
Redhat Kdebase	Version 2.4.0.7.13
Redhat Kdebase	Version 2.4.1.3.5

References (10)

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000729

Source: cve@mitre.org

http://mail.gnome.org/archives/gnome-hackers/2003-August/msg00045.html

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=106194792924122&w=2

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2003-258.html

Source: cve@mitre.org

PatchVendor Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A112

Source: cve@mitre.org

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000729

Source: af854a3a-2127-422b-91ae-364da2661108

http://mail.gnome.org/archives/gnome-hackers/2003-August/msg00045.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=bugtraq&m=106194792924122&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2003-258.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A112

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.