Vulnerability Details CVE-2012-5356
The apt-add-repository tool in Ubuntu Software Properties 0.75.x before 0.75.10.3, 0.80.x before 0.80.9.2, 0.81.x before 0.81.13.5, 0.82.x before 0.82.7.3, and 0.92.x before 0.92.8 does not properly check PPA GPG keys imported from a keyserver, which allows remote attackers to install arbitrary package repository GPG keys via a man-in-the-middle (MITM) attack.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.0%
CVSS Severity
CVSS v2 Score 5.8
References
- http://www.securityfocus.com/bid/55736
- http://www.ubuntu.com/usn/USN-1588-1
- https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1016643
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78990
- http://www.securityfocus.com/bid/55736
- http://www.ubuntu.com/usn/USN-1588-1
- https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1016643
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78990
Products affected by CVE-2012-5356
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.75.10
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.75.10.1
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.75.10.2
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.75.4
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.75.5
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.75.6
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.75.7
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.75.8
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.75.9
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.80
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.80.2
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.80.3
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.80.4
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.80.5
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.80.6
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.80.7
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.80.8
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.80.9
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.80.9.1
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.81
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.1
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.10
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.11
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.13
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.13.1
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.13.2
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.13.3
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.13.4
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.2
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.3
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.4
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.5
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.6
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.7
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.8
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.9
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.82
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.82.2
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.82.3
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.82.4
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.82.5
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.82.6
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.82.7
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.82.7.1
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.82.7.2
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.92
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.92.2
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.92.3
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.92.4
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.92.5
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.92.6
-
cpe:2.3:a:canonical:ubuntu_software_properties:0.92.7