CVE-2012-0943

2014-05-2223:55:00

CWE-264

[email protected]

web.nvd.nist.gov

cve-2012-0943

light display manager

lightdm

local users

arbitrary files

ubuntu linux

6 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

14.4%

JSON

debian/guest-account in Light Display Manager (lightdm) 1.0.x before 1.0.6 and 1.1.x before 1.1.7, as used in Ubuntu Linux 11.10, allows local users to delete arbitrary files via a space in the name of a file in /tmp. NOTE: this identifier was SPLIT per ADT1/ADT2 due to different codebases and affected versions. CVE-2012-6648 has been assigned for the gdm-guest-session issue.

CPENameOperatorVersion
robert_ancell:lightdmrobert ancell lightdmeq1.1.4
robert_ancell:lightdmrobert ancell lightdmeq1.1.2
robert_ancell:lightdmrobert ancell lightdmeq1.1.0
robert_ancell:lightdmrobert ancell lightdmeq1.1.3
robert_ancell:lightdmrobert ancell lightdmeq1.0.4
robert_ancell:lightdmrobert ancell lightdmeq1.0.1
robert_ancell:lightdmrobert ancell lightdmeq1.0.2
canonical:ubuntu_linuxcanonical ubuntu linuxeq11.10
robert_ancell:lightdmrobert ancell lightdmeq1.1.5
robert_ancell:lightdmrobert ancell lightdmeq1.0.0

CPE	Name	Operator	Version
robert_ancell:lightdm	robert ancell lightdm	eq	1.1.4
robert_ancell:lightdm	robert ancell lightdm	eq	1.1.2
robert_ancell:lightdm	robert ancell lightdm	eq	1.1.0
robert_ancell:lightdm	robert ancell lightdm	eq	1.1.3
robert_ancell:lightdm	robert ancell lightdm	eq	1.0.4
robert_ancell:lightdm	robert ancell lightdm	eq	1.0.1
robert_ancell:lightdm	robert ancell lightdm	eq	1.0.2
canonical:ubuntu_linux	canonical ubuntu linux	eq	11.10
robert_ancell:lightdm	robert ancell lightdm	eq	1.1.5
robert_ancell:lightdm	robert ancell lightdm	eq	1.0.0