Robert Ancell: >> Lightdm >> 1.7.6 Security Vulnerabilities
Light Display Manager (aka LightDM) 1.4.x before 1.4.3, 1.6.x before 1.6.2, and 1.7.x before 1.7.14 uses 0664 permissions for the temporary .Xauthority file, which allows local users to obtain sensitive information by reading the file.
CVSS Score
2.1
EPSS Score
0.0
Published
2014-02-02
LightDM 1.7.5 through 1.8.3 and 1.9.x before 1.9.2 does not apply the AppArmor profile to the Guest account, which allows local users to bypass intended restrictions by leveraging the Guest account.
CVSS Score
3.3
EPSS Score
0.001
Published
2013-11-23