Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
1.9
CVSSv2

CVE-2011-3154

Published: 17/04/2014 Updated: 05/05/2014
CVSS v2 Base Score: 1.9 | Impact Score: 2.9 | Exploitability Score: 3.4
VMScore: 169
Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N
Subscribe to Canonical

Vulnerability Summary

DistUpgrade/DistUpgradeViewKDE.py in Update Manager prior to 1:0.87.31.1, 1:0.134.x prior to 1:0.134.11.1, 1:0.142.x prior to 1:0.142.23.1, 1:0.150.x prior to 1:0.150.5.1, and 1:0.152.x prior to 1:0.152.25.5 does not properly create temporary files, which allows local users to obtain the XAUTHORITY file content for a user via a symlink attack on the temporary file.

Vulnerable Product Search on Vulmon Subscribe to Product

canonical ubuntu linux 8.04

canonical ubuntu linux 10.04

canonical update-manager 1\\

canonical ubuntu linux 11.10

canonical update-manager

canonical ubuntu linux 10.10

canonical ubuntu linux 11.04

Vendor Advisories

Ubuntu Security Notice: update-manager regression
USN-1284-1 introduced a regression in Update Manager ...
Ubuntu Security Notice: update-manager vulnerabilities
Update Manager could be made to overwrite files as the administrator ...

References

CWE-59http://www.ubuntu.com/usn/USN-1284-1https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/881541http://secunia.com/advisories/47024https://usn.ubuntu.com/1284-2/https://nvd.nist.gov
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-1183hard-codedCVE-2024-28254CVE-2023-43790buffer overflowbypassCVE-2024-32633CVE-2024-1874CVE-2024-23558
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook