CVE-2012-6648

{"id": "CVE-2012-6648", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-05-22T23:55:03.003", "references": [{"url": "http://ubuntu.com/usn/usn-1399-1", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/953044", "source": "cve@mitre.org"}, {"url": "https://launchpadlibrarian.net/96474113/gdm-guest-session.secure-cleanup.debdiff", "source": "cve@mitre.org"}, {"url": "http://ubuntu.com/usn/usn-1399-1", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/953044", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://launchpadlibrarian.net/96474113/gdm-guest-session.secure-cleanup.debdiff", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "gdm/guest-session-cleanup.sh in gdm-guest-session 0.24 and earlier, as used in Ubuntu Linux 10.04 LTS, 10.10, and 11.04, allows local users to delete arbitrary files via a space in the name of a file in /tmp. NOTE: this identifier was SPLIT from CVE-2012-0943 per ADT1/ADT2 due to different codebases and affected versions. CVE-2012-0943 is used for the guest-account issue."}, {"lang": "es", "value": "gdm/guest-session-cleanup.sh en gdm-guest-session 0.24 y anteriores, utilizado en Ubuntu Linux 10.04 LTS, 10.10 y 11.04, permite a usuarios locales eliminar archivos arbitrarios a trav\u00e9s de un espacio en el nombre de un archivo en /tmp. NOTA: este identificador fue dividido (SPLIT) de CVE-2012-0943 por ADT1/ADT2 debido a bases de c\u00f3digo y versiones afectadas diferentes. CVE-2012-0943 se utiliza para el asunto guest-account."}], "lastModified": "2024-11-21T01:46:36.670", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gdm-guest-session_project:gdm-guest-session:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44B39902-CE75-4ACC-8FF0-DEDCE6D4BEF9", "versionEndIncluding": "0.24"}, {"criteria": "cpe:2.3:a:gdm-guest-session_project:gdm-guest-session:0.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E7ACFB5-27E5-44A0-9C35-6270BB5520A1"}, {"criteria": "cpe:2.3:a:gdm-guest-session_project:gdm-guest-session:0.21:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "685F8494-C197-43C3-9D04-54A82EF0D9EF"}, {"criteria": "cpe:2.3:a:gdm-guest-session_project:gdm-guest-session:0.22:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "94A2CD0F-8037-45F7-8DE0-12C938B3C010"}, {"criteria": "cpe:2.3:a:gdm-guest-session_project:gdm-guest-session:0.23:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AAAB6195-632A-450F-B556-306E35957D57"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7118F616-25CA-4E34-AA13-4D14BB62419F"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "87614B58-24AB-49FB-9C84-E8DDBA16353B"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EF49D26F-142E-468B-87C1-BABEA445255C"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}