1. Home
  2. CVE Database
  3. CVE-2013-4331
LOW · 2.1

CVE-2013-4331

Light Display Manager (aka LightDM) 1.4.x before 1.4.3, 1.6.x before 1.6.2, and 1.7.x before 1.7.14 uses 0664 permissions for the temporary .Xauthority file, which allows local users to obtain sensiti...

Vulnerability Description

Light Display Manager (aka LightDM) 1.4.x before 1.4.3, 1.6.x before 1.6.2, and 1.7.x before 1.7.14 uses 0664 permissions for the temporary .Xauthority file, which allows local users to obtain sensitive information by reading the file.

CVSS Score

2.1

LOW

AV:L/AC:L/Au:N/C:P/I:N/A:N
Confidentiality
PARTIAL
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
Robert AncellLightdm1.4.0

Related Weaknesses (CWE)

CWE-264

References

FAQ

What is CVE-2013-4331?

CVE-2013-4331 is a vulnerability with a CVSS score of 2.1 (LOW). Light Display Manager (aka LightDM) 1.4.x before 1.4.3, 1.6.x before 1.6.2, and 1.7.x before 1.7.14 uses 0664 permissions for the temporary .Xauthority file, which allows local users to obtain sensiti...

How severe is CVE-2013-4331?

CVE-2013-4331 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2013-4331?

Check the references section above for vendor advisories and patch information. Affected products include: Robert Ancell Lightdm.