CVE-2013-4331

Light Display Manager (aka LightDM) 1.4.x before 1.4.3, 1.6.x before 1.6.2, and 1.7.x before 1.7.14 uses 0664 permissions for the temporary .Xauthority file, which allows local users to obtain sensitive information by reading the file.

Published: Feb 2, 2014
Updated: Apr 13, 2023
CVE: CVE-2013-4331
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
robert_ancell / lightdm	1.7.6	1.7.6.x
robert_ancell / lightdm	1.7.10	1.7.10.x
robert_ancell / lightdm	1.7.0	1.7.0.x
robert_ancell / lightdm	1.7.7	1.7.7.x
robert_ancell / lightdm	1.6.1	1.6.1.x
robert_ancell / lightdm	1.7.1	1.7.1.x
robert_ancell / lightdm	1.7.5	1.7.5.x
robert_ancell / lightdm	1.7.3	1.7.3.x
robert_ancell / lightdm	1.7.13	1.7.13.x
robert_ancell / lightdm	1.7.2	1.7.2.x
robert_ancell / lightdm	1.4.1	1.4.1.x
robert_ancell / lightdm	1.4.0	1.4.0.x
robert_ancell / lightdm	1.7.11	1.7.11.x
robert_ancell / lightdm	1.7.4	1.7.4.x
robert_ancell / lightdm	1.7.12	1.7.12.x
robert_ancell / lightdm	1.7.9	1.7.9.x
robert_ancell / lightdm	1.7.8	1.7.8.x
robert_ancell / lightdm	1.6.0	1.6.0.x
robert_ancell / lightdm	1.4.2	1.4.2.x

https://bugs.launchpad.net/lightdm/%2Bbug/685212

Vulnerability Database

CVE-2013-4331