CVE-2013-4331

2014-02-0200:55:00

Debian Security Bug Tracker

security-tracker.debian.org

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.2%

JSON

Light Display Manager (aka LightDM) 1.4.x before 1.4.3, 1.6.x before 1.6.2, and 1.7.x before 1.7.14 uses 0664 permissions for the temporary .Xauthority file, which allows local users to obtain sensitive information by reading the file.

OSVersionArchitecturePackageVersionFilename
Debian12alllightdm< 1.6.2-1lightdm_1.6.2-1_all.deb
Debian11alllightdm< 1.6.2-1lightdm_1.6.2-1_all.deb
Debian10alllightdm< 1.6.2-1lightdm_1.6.2-1_all.deb
Debian999alllightdm< 1.6.2-1lightdm_1.6.2-1_all.deb
Debian13alllightdm< 1.6.2-1lightdm_1.6.2-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	lightdm	< 1.6.2-1	lightdm_1.6.2-1_all.deb
Debian	11	all	lightdm	< 1.6.2-1	lightdm_1.6.2-1_all.deb
Debian	10	all	lightdm	< 1.6.2-1	lightdm_1.6.2-1_all.deb
Debian	999	all	lightdm	< 1.6.2-1	lightdm_1.6.2-1_all.deb
Debian	13	all	lightdm	< 1.6.2-1	lightdm_1.6.2-1_all.deb