Ubuntu : Security Vulnerabilities, CVEs, Published In 2011 CVSS score >= 1
dbus_backend/lsd.py in the D-Bus backend in language-selector before 0.6.7 does not validate the arguments to the (1) SetSystemDefaultLangEnv and (2) SetSystemDefaultLanguageEnv functions, which allows local users to gain privileges via shell metacharacters in a string argument, a different vulnerability than CVE-2011-0729.
Max CVSS
7.2
EPSS Score
0.04%
Published
2011-05-03
Updated
2017-08-17
dbus_backend/ls-dbus-backend in the D-Bus backend in language-selector before 0.6.7 does not restrict access on the basis of a PolicyKit check result, which allows local users to modify the /etc/default/locale and /etc/environment files via a (1) SetSystemDefaultLangEnv or (2) SetSystemDefaultLanguageEnv call.
Max CVSS
7.2
EPSS Score
0.04%
Published
2011-04-29
Updated
2011-07-14
The Live DVD for Edubuntu 9.10, 10.04 LTS, and 10.10 does not correctly regenerate iTALC private keys after installation, which causes each installation to have the same fixed key, which allows remote attackers to gain privileges.
Max CVSS
9.3
EPSS Score
0.27%
Published
2011-02-19
Updated
2017-08-17
3 vulnerabilities found