Lucene search
K
Robert AncellLightdm

6 matches found

CVE
CVE
added 2014/05/22 11:0 p.m.66 views

CVE-2012-0943

CVE-2012-0943 concerns debian/guest-account in LightDM (lightdm) 1.0.x before 1.0.6 and 1.1.x before 1.1.7, as used in Ubuntu 11.10. Affected component: guest-account cleanup in LightDM; root cause described as a vulnerability allowing local users to delete arbitrary files via a space in the name...

2.1CVSS6.2AI score0.00762EPSS
CVE
CVE
added 2014/03/06 3:0 p.m.61 views

CVE-2011-3153

CVE-2011-3153 affects LightDM (Light Display Manager). The vulnerability is in dmrc.c and allows local users to read arbitrary files via a symlink attack on ~/.dmrc, valid for LightDM versions before 1.1.1. Impact is local confidentiality exposure; no remote access required. OpenSUSE and SUSE adv...

1.9CVSS6.1AI score0.00316EPSS
CVE
CVE
added 2012/02/17 11:0 p.m.58 views

CVE-2011-4105

CVE-2011-4105 affects LightDM prior to 1.0.6. A local user can change the ownership of arbitrary files via a symlink attack on ~/.Xauthority. This is a local-privilege/teardown-style issue, with low CVSS in the base data but clear impact on file ownership. Remediation: upgrade LightDM to 1.0.6 or...

1.9CVSS6.3AI score0.00313EPSS
CVE
CVE
added 2014/02/02 12:0 a.m.56 views

CVE-2013-4331

CVE-2013-4331 affects LightDM (Light Display Manager) versions 1.4.x up to 1.4.3, 1.6.x up to 1.6.2, and 1.7.x up to 1.7.14. The issue is that the temporary .Xauthority file uses 0664 permissions, enabling local users to read it and obtain sensitive information. Reported in multiple sources (e.g....

2.1CVSS5.6AI score0.00368EPSS
CVE
CVE
added 2013/11/23 6:0 p.m.51 views

CVE-2013-4459

LightDM vulnerability CVE-2013-4459 affects LightDM 1.7.5–1.8.3 and 1.9.x prior to 1.9.2, where the AppArmor profile was not applied to the Guest account, allowing local users to bypass intended restrictions. Impact is local information exposure and a potential bypass of guest-restricted controls...

3.3CVSS6.2AI score0.00438EPSS
CVE
CVE
added 2014/10/27 8:0 p.m.48 views

CVE-2012-1111

CVE-2012-1111 affects lightdm prior to 1.0.9. The issue is failure to properly close file descriptors before starting a child process, allowing local users to write to the lightdm log (and other unspecified impact). Remediation: upgrade to lightdm 1.0.9 or later (patches addressing this flaw). If...

4.6CVSS6.5AI score0.00469EPSS