CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-1064

apt-xapian-index before 0.45ubuntu2.1, 0.44ubuntu7.1, and 0.44ubuntu5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 19.5%

CVSS Severity

CVSS v2 Score 4.6

References

Products affected by CVE-2013-1064

Canonical » Apt-Xapian-Index » Version: 0.44ubuntu5.1

cpe:2.3:a:canonical:apt-xapian-index:0.44ubuntu5.1
Canonical » Apt-Xapian-Index » Version: 0.44ubuntu7.1

cpe:2.3:a:canonical:apt-xapian-index:0.44ubuntu7.1
Canonical » Apt-Xapian-Index » Version: 0.45ubuntu1

cpe:2.3:a:canonical:apt-xapian-index:0.45ubuntu1
Canonical » Apt-Xapian-Index » Version: 0.45ubuntu2

cpe:2.3:a:canonical:apt-xapian-index:0.45ubuntu2
Canonical » Ubuntu Linux » Version: 12.04

cpe:2.3:o:canonical:ubuntu_linux:12.04
Canonical » Ubuntu Linux » Version: 12.10

cpe:2.3:o:canonical:ubuntu_linux:12.10
Canonical » Ubuntu Linux » Version: 13.04

cpe:2.3:o:canonical:ubuntu_linux:13.04

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-1064

Products

Pricing

Contact Us