CVE-2012-0943

EUVD-2012-0966
debian/guest-account in Light Display Manager (lightdm) 1.0.x before 1.0.6 and 1.1.x before 1.1.7, as used in Ubuntu Linux 11.10, allows local users to delete arbitrary files via a space in the name of a file in /tmp.  NOTE: this identifier was SPLIT per ADT1/ADT2 due to different codebases and affected versions. CVE-2012-6648 has been assigned for the gdm-guest-session issue.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 43%
Affected Products (NVD)
VendorProductVersion
robert_ancelllightdm
1.0.0
robert_ancelllightdm
1.0.1
robert_ancelllightdm
1.0.2
robert_ancelllightdm
1.0.3
robert_ancelllightdm
1.0.4
robert_ancelllightdm
1.0.5
robert_ancelllightdm
1.1.0
robert_ancelllightdm
1.1.1
robert_ancelllightdm
1.1.2
robert_ancelllightdm
1.1.3
robert_ancelllightdm
1.1.4
robert_ancelllightdm
1.1.5
robert_ancelllightdm
1.1.6
canonicalubuntu_linux
11.10
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
lightdm
bookworm
1.26.0-8
fixed
bullseye
1.26.0-7
fixed
sid
1.32.0-6
fixed
trixie
1.32.0-6
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
gdm-guest-session
hardy
dne
lucid
Fixed 0.15ubuntu0.1
released
maverick
Fixed 0.17ubuntu0.1
released
natty
Fixed 0.24ubuntu0.1
released
oneiric
ignored
precise
dne
quantal
dne
raring
dne
lightdm
hardy
dne
lucid
dne
maverick
dne
natty
not-affected
oneiric
Fixed 1.0.6-0ubuntu1.6
released
precise
Fixed 1.1.7-0ubuntu2
released
quantal
Fixed 1.1.7-0ubuntu2
released
raring
Fixed 1.1.7-0ubuntu2
released
Common Weakness Enumeration
References
http://www.ubuntu.com/usn/USN-1399-2
https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/953044
https://launchpadlibrarian.net/96471251/lightdm.secure-cleanup.debdiff
http://www.ubuntu.com/usn/USN-1399-2
https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/953044
https://launchpadlibrarian.net/96471251/lightdm.secure-cleanup.debdiff