CVE-2012-0956

Priority
Medium
Description
ubiquity-slideshow-ubuntu before 58.2, during installation, allows remote
man-in-the-middle attackers to execute arbitrary web script or HTML and
read arbitrary files via a crafted attribute in the <a> tag of a Twitter
feed.
References
Bugs
Assigned-to
mdeslaur
Package
Upstream:released (60)
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):not-affected
Ubuntu 11.04 (Natty Narwhal):not-affected
Ubuntu 11.10 (Oneiric Ocelot):not-affected
Ubuntu 12.04 LTS (Precise Pangolin):released (58.2)
Ubuntu 12.10 (Quantal Quetzal):released (60)
More Information

Valid XHTML 1.0 Strict

Updated: 2012-10-04 18:14:32 UTC (commit 5863)