CVE-2013-4459

LightDM 1.7.5 through 1.8.3 and 1.9.x before 1.9.2 does not apply the AppArmor profile to the Guest account, which allows local users to bypass intended restrictions by leveraging the Guest account.

Published: Nov 23, 2013
Updated: Apr 13, 2023
CVE: CVE-2013-4459
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 3.3
AV:L/AC:M/Au:N/C:P/I:P/A:N

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
robert_ancell / lightdm	1.7.6	1.7.6.x
robert_ancell / lightdm	1.7.10	1.7.10.x
robert_ancell / lightdm	1.8.0	1.8.0.x
robert_ancell / lightdm	1.9.0	1.9.0.x
robert_ancell / lightdm	1.7.18	1.7.18.x
robert_ancell / lightdm	1.7.7	1.7.7.x
robert_ancell / lightdm	1.7.5	1.7.5.x
robert_ancell / lightdm	1.8.3	1.8.3.x
robert_ancell / lightdm	1.8.2	1.8.2.x
robert_ancell / lightdm	1.8.1	1.8.1.x
robert_ancell / lightdm	1.7.13	1.7.13.x
robert_ancell / lightdm	1.7.17	1.7.17.x
robert_ancell / lightdm	1.7.11	1.7.11.x
robert_ancell / lightdm	1.7.12	1.7.12.x
robert_ancell / lightdm	1.7.16	1.7.16.x
robert_ancell / lightdm	1.7.15	1.7.15.x
robert_ancell / lightdm	1.9.1	1.9.1.x
robert_ancell / lightdm	1.7.9	1.7.9.x
robert_ancell / lightdm	1.7.14	1.7.14.x
robert_ancell / lightdm	1.7.8	1.7.8.x
canonical / ubuntu_linux	13.10	13.10.x

Vulnerability Database

CVE-2013-4459