ubiquity-slideshow-ubuntu before 58.2, during installation, allows remote man-in-the-middle attackers to execute arbitrary web script or HTML and read arbitrary files via a crafted attribute in the <a> tag of a Twitter feed.
References
Link | Resource |
---|---|
http://www.ubuntu.com/usn/USN-1561-1 | Vendor Advisory |
https://bugs.launchpad.net/ubuntu/%2Bsource/ubiquity-slideshow-ubuntu/%2Bbug/991982 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: canonical
Published: 2022-10-03T16:15:40
Updated: 2022-10-03T16:15:40
Reserved: 2022-10-03T00:00:00
Link: CVE-2012-0956
JSON object: View
NVD Information
Status : Analyzed
Published: 2012-09-28T15:55:00.820
Modified: 2012-10-04T04:00:00.000
Link: CVE-2012-0956
JSON object: View
Redhat Information
No data.
CWE