CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Linuxmint: >> Cinnamon >> 2.0.11 Security Vulnerabilities

CVE-2018-13054

An issue was discovered in Cinnamon 1.9.2 through 3.8.6. The cinnamon-settings-users.py GUI runs as root and allows configuration of (for example) other users' icon files in _on_face_browse_menuitem_activated and _on_face_menuitem_activated. These icon files are written to the respective user's $HOME/.face location. If an unprivileged user prepares a symlink pointing to an arbitrary location, then this location will be overwritten with the icon content.

CVSS Score

8.1

EPSS Score

0.004

Published

2018-07-02

Page 1

Vulnerabilities

Vulnerable Software

Linuxmint: >> Cinnamon >> 2.0.11 Security Vulnerabilities

Products

Pricing

Contact Us