Launchpad CVE tracker

CVE 2012-0956

ubiquity-slideshow-ubuntu before 58.2, during installation, allows remote man-in-the-middle attackers to execute arbitrary web script or HTML and read arbitrary files via a crafted attribute in the <a> tag of a Twitter feed.

Related bugs and status

CVE-2012-0956 (Candidate) is related to these bugs:

Bug #958880: [UIFe] Update of Lubuntu Slideshow for 12.04

Summary				In	Importance	Status
	958880	[UIFe] Update of Lubuntu Slideshow for 12.04		ubiquity-slideshow-ubuntu (Ubuntu)	Undecided	Fix Released
	958880	[UIFe] Update of Lubuntu Slideshow for 12.04		Ubuntu Translations	Medium	Won't Fix

Bug #991982: Arbitrary file disclosure via MITM of twitter feed

		In	Importance	Status
991982	Arbitrary file disclosure via MITM of twitter feed	ubiquity-slideshow-ubuntu (Ubuntu)	Critical	Fix Released
991982	Arbitrary file disclosure via MITM of twitter feed	ubiquity-slideshow-ubuntu (Ubuntu Precise)	Critical	Fix Released
991982	Arbitrary file disclosure via MITM of twitter feed	ubiquity-slideshow-ubuntu (Ubuntu Quantal)	Critical	Fix Released

Bug #1035806: Please support customization of ubiquity-slideshow through defaults builder

		In	Importance	Status
1035806	Please support customization of ubiquity-slideshow through defaults builder	ubuntu-defaults-builder (Ubuntu)	Undecided	Fix Released
1035806	Please support customization of ubiquity-slideshow through defaults builder	ubiquity-slideshow-ubuntu (Ubuntu)	Undecided	Fix Released
1035806	Please support customization of ubiquity-slideshow through defaults builder	ubiquity (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://bugs.launchpad...
UBUNTU: USN-1561-1

Launchpad.net

CVE 2012-0956

Related bugs and status

Related bugs

References