Vulnerability Details CVE-2015-8316
Array index error in LightDM (aka Light Display Manager) 1.14.3, 1.16.x before 1.16.6 when the XDMCP server is enabled allows remote attackers to cause a denial of service (process crash) via an XDMCP request packet with no address.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.3%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 4.3
References
- http://www.openwall.com/lists/oss-security/2015/11/22/1
- https://bugs.launchpad.net/lightdm/+bug/1516831
- https://bugzilla.redhat.com/show_bug.cgi?id=1284574
- http://www.openwall.com/lists/oss-security/2015/11/22/1
- https://bugs.launchpad.net/lightdm/+bug/1516831
- https://bugzilla.redhat.com/show_bug.cgi?id=1284574
Products affected by CVE-2015-8316
-
cpe:2.3:a:lightdm_project:lightdm:1.14.3
-
cpe:2.3:a:lightdm_project:lightdm:1.16
-
cpe:2.3:a:lightdm_project:lightdm:1.16.1
-
cpe:2.3:a:lightdm_project:lightdm:1.16.2
-
cpe:2.3:a:lightdm_project:lightdm:1.16.3
-
cpe:2.3:a:lightdm_project:lightdm:1.16.4