5
CVE-2012-0949
- EPSS 2.12%
- Veröffentlicht 31.05.2012 17:55:02
- Zuletzt bearbeitet 16.06.2026 23:38:33
- Quelle security@ubuntu.com
- CVE-Watchlists
- Unerledigt
The Apport hook in Update Manager as used by Ubuntu 12.04 LTS, 11.10, and 11.04 uploads certain system state archive files when reporting bugs to Launchpad, which allows remote attackers to read repository credentials by viewing a public bug report.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Canonical ≫ Ubuntu Linux Version11.04
Canonical ≫ Ubuntu Linux Version11.10
Canonical ≫ Ubuntu Linux Version12.04 Update- Editionlts
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.12% | 0.794 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
http://osvdb.org/82020
http://secunia.com/advisories/49230
http://www.securityfocus.com/bid/53605
http://www.ubuntu.com/usn/USN-1443-1
https://exchange.xforce.ibmcloud.com/vulnerabilities/75728