Lucene search

K

[email protected]NVD:CVE-2012-6648

HistoryMay 22, 2014 - 11:55 p.m.

CVE-2012-6648

2014-05-2223:55:03

CWE-264

[email protected]

web.nvd.nist.gov

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

6.1 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.7%

gdm/guest-session-cleanup.sh in gdm-guest-session 0.24 and earlier, as used in Ubuntu Linux 10.04 LTS, 10.10, and 11.04, allows local users to delete arbitrary files via a space in the name of a file in /tmp. NOTE: this identifier was SPLIT from CVE-2012-0943 per ADT1/ADT2 due to different codebases and affected versions. CVE-2012-0943 is used for the guest-account issue.

Affected configurations

NVD

Node

gdm-guest-session_projectgdm-guest-sessionRange≤0.24

OR

gdm-guest-session_projectgdm-guest-sessionMatch0.20

OR

gdm-guest-session_projectgdm-guest-sessionMatch0.21

OR

gdm-guest-session_projectgdm-guest-sessionMatch0.22

OR

gdm-guest-session_projectgdm-guest-sessionMatch0.23

OR

canonicalubuntu_linuxMatch10.04-lts

OR

canonicalubuntu_linuxMatch10.10

OR

canonicalubuntu_linuxMatch11.04

References

ubuntu.com/usn/usn-1399-1

bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/953044

launchpadlibrarian.net/96474113/gdm-guest-session.secure-cleanup.debdiff

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

6.1 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.7%

Related for NVD:CVE-2012-6648

ubuntucve2 prion2 debiancve1 nvd1 cve2 cvelist2 nessus2 openvas4 securityvulns1 ubuntu2