CVE-2011-3153
Severity CVSS v4.0:
Pending analysis
Type:
CWE-59
Link Following
Publication date:
06/03/2014
Last modified:
12/04/2025
Description
dmrc.c in Light Display Manager (aka LightDM) before 1.1.1 allows local users to read arbitrary files via a symlink attack on ~/.dmrc.
Impact
Base Score 2.0
1.90
Severity 2.0
LOW
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:* | ||
| cpe:2.3:a:robert_ancell:lightdm:*:*:*:*:*:*:*:* | 1.1.0 (including) | |
| cpe:2.3:a:robert_ancell:lightdm:0.0.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:robert_ancell:lightdm:0.0.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:robert_ancell:lightdm:0.0.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:robert_ancell:lightdm:0.0.4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:robert_ancell:lightdm:0.1.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:robert_ancell:lightdm:0.1.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:robert_ancell:lightdm:0.1.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:robert_ancell:lightdm:0.2.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:robert_ancell:lightdm:0.2.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:robert_ancell:lightdm:0.2.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:robert_ancell:lightdm:0.2.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:robert_ancell:lightdm:0.3.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:robert_ancell:lightdm:0.3.1:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://bazaar.launchpad.net/~lightdm-team/lightdm/trunk/revision/1299
- http://www.ubuntu.com/usn/USN-1262-1
- https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/883865
- http://bazaar.launchpad.net/~lightdm-team/lightdm/trunk/revision/1299
- http://www.ubuntu.com/usn/USN-1262-1
- https://bugs.launchpad.net/ubuntu/%2Bsource/lightdm/%2Bbug/883865