CVE-2012-0949

The Apport hook in Update Manager as used by Ubuntu 12.04 LTS, 11.10, and 11.04 uploads certain system state archive files when reporting bugs to Launchpad, which allows remote attackers to read repository credentials by viewing a public bug report.

Published: May 31, 2012
Updated: Apr 13, 2023
CVE: CVE-2012-0949
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
canonical / ubuntu_linux	11.04	11.04.x
canonical / ubuntu_linux	11.10	11.10.x
canonical / ubuntu_linux	12.04	12.04.x

http://osvdb.org/82020
http://secunia.com/advisories/49230
http://www.securityfocus.com/bid/53605
http://www.ubuntu.com/usn/USN-1443-1
https://exchange.xforce.ibmcloud.com/vulnerabilities/75728

Vulnerability Database

CVE-2012-0949