CVE-2012-0943

debian/guest-account in Light Display Manager (lightdm) 1.0.x before 1.0.6 and 1.1.x before 1.1.7, as used in Ubuntu Linux 11.10, allows local users to delete arbitrary files via a space in the name of a file in /tmp.  NOTE: this identifier was SPLIT per ADT1/ADT2 due to different codebases and affected versions. CVE-2012-6648 has been assigned for the gdm-guest-session issue.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:N/I:N/A:P
canonicalCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 49%
VendorProductVersion
robert_ancelllightdm
1.0.0
robert_ancelllightdm
1.0.1
robert_ancelllightdm
1.0.2
robert_ancelllightdm
1.0.3
robert_ancelllightdm
1.0.4
robert_ancelllightdm
1.0.5
robert_ancelllightdm
1.1.0
robert_ancelllightdm
1.1.1
robert_ancelllightdm
1.1.2
robert_ancelllightdm
1.1.3
robert_ancelllightdm
1.1.4
robert_ancelllightdm
1.1.5
robert_ancelllightdm
1.1.6
canonicalubuntu_linux
11.10
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
lightdm
bullseye
1.26.0-7
fixed
bookworm
1.26.0-8
fixed
sid
1.32.0-6
fixed
trixie
1.32.0-6
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
gdm-guest-session
raring
dne
quantal
dne
precise
dne
oneiric
ignored
natty
Fixed 0.24ubuntu0.1
released
maverick
Fixed 0.17ubuntu0.1
released
lucid
Fixed 0.15ubuntu0.1
released
hardy
dne
lightdm
raring
Fixed 1.1.7-0ubuntu2
released
quantal
Fixed 1.1.7-0ubuntu2
released
precise
Fixed 1.1.7-0ubuntu2
released
oneiric
Fixed 1.0.6-0ubuntu1.6
released
natty
not-affected
maverick
dne
lucid
dne
hardy
dne
Common Weakness Enumeration
References
http://www.ubuntu.com/usn/USN-1399-2
https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/953044
https://launchpadlibrarian.net/96471251/lightdm.secure-cleanup.debdiff
http://www.ubuntu.com/usn/USN-1399-2
https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/953044
https://launchpadlibrarian.net/96471251/lightdm.secure-cleanup.debdiff