vicious-extensions/ve-misc.c in GNOME Display Manager (gdm) 2.20.x before 2.20.11, when GDM debug is enabled, logs the user password when it contains invalid UTF8 encoded characters, which might allow local users to gain privileges by reading the information from syslog logs.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: oracle

Published: 2012-12-21T02:00:00

Updated: 2024-08-07T02:32:16.591Z

Reserved: 2010-06-21T00:00:00

Link: CVE-2010-2387

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2012-12-21T05:46:13.853

Modified: 2024-11-21T01:16:33.050

Link: CVE-2010-2387

cve-icon Redhat

Severity :

Publid Date: 2009-02-15T00:00:00Z

Links: CVE-2010-2387 - Bugzilla