Vulnerability Details CVE-2012-0949
The Apport hook in Update Manager as used by Ubuntu 12.04 LTS, 11.10, and 11.04 uploads certain system state archive files when reporting bugs to Launchpad, which allows remote attackers to read repository credentials by viewing a public bug report.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 63.6%
CVSS Severity
CVSS v2 Score 5.0
References
- http://osvdb.org/82020
- http://secunia.com/advisories/49230
- http://www.securityfocus.com/bid/53605
- http://www.ubuntu.com/usn/USN-1443-1
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75728
- http://osvdb.org/82020
- http://secunia.com/advisories/49230
- http://www.securityfocus.com/bid/53605
- http://www.ubuntu.com/usn/USN-1443-1
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75728
Products affected by CVE-2012-0949
-
cpe:2.3:o:canonical:ubuntu_linux:11.04
-
cpe:2.3:o:canonical:ubuntu_linux:11.10
-
cpe:2.3:o:canonical:ubuntu_linux:12.04