CVE-2012-0943

NameCVE-2012-0943
Descriptiondebian/guest-account in Light Display Manager (lightdm) 1.0.x before 1.0.6 and 1.1.x before 1.1.7, as used in Ubuntu Linux 11.10, allows local users to delete arbitrary files via a space in the name of a file in /tmp. NOTE: this identifier was SPLIT per ADT1/ADT2 due to different codebases and affected versions. CVE-2012-6648 has been assigned for the gdm-guest-session issue.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
lightdm (PTS)buster1.26.0-4fixed
bullseye1.26.0-7fixed
bookworm1.26.0-8fixed
sid, trixie1.32.0-4fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
lightdmsource(unstable)(not affected)

Notes

- lightdm <not-affected> (Ubuntu-specific script)
Search for package or bug name: Reporting problems