CVE-2013-4331

EUVD-2013-4217
Light Display Manager (aka LightDM) 1.4.x before 1.4.3, 1.6.x before 1.6.2, and 1.7.x before 1.7.14 uses 0664 permissions for the temporary .Xauthority file, which allows local users to obtain sensitive information by reading the file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 13%
Affected Products (NVD)
VendorProductVersion
robert_ancelllightdm
1.4.0
robert_ancelllightdm
1.4.1
robert_ancelllightdm
1.4.2
robert_ancelllightdm
1.6.0
robert_ancelllightdm
1.6.1
robert_ancelllightdm
1.7.0
robert_ancelllightdm
1.7.1
robert_ancelllightdm
1.7.2
robert_ancelllightdm
1.7.3
robert_ancelllightdm
1.7.4
robert_ancelllightdm
1.7.5
robert_ancelllightdm
1.7.6
robert_ancelllightdm
1.7.7
robert_ancelllightdm
1.7.8
robert_ancelllightdm
1.7.9
robert_ancelllightdm
1.7.10
robert_ancelllightdm
1.7.11
robert_ancelllightdm
1.7.12
robert_ancelllightdm
1.7.13
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
lightdm
bookworm
1.26.0-8
fixed
bullseye
1.26.0-7
fixed
sid
1.32.0-6
fixed
trixie
1.32.0-6
fixed
wheezy
not-affected
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
lightdm
lucid
dne
precise
not-affected
quantal
not-affected
raring
Fixed 1.6.0-0ubuntu3.1
released
Common Weakness Enumeration
References
https://bugs.launchpad.net/lightdm/%2Bbug/685212
https://bugs.launchpad.net/lightdm/%2Bbug/685212