language-selector vulnerability

2013-09-1800:00:00

ubuntu.com

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.4

Confidence

Low

EPSS

Percentile

5.1%

JSON

Releases

Ubuntu 13.04
Ubuntu 12.10
Ubuntu 12.04

Packages

language-selector - Language selector for Ubuntu

Details

It was discovered that language-selector was using polkit in an unsafe
manner. A local attacker could possibly use this issue to bypass intended
polkit authorizations.

OSVersionArchitecturePackageVersionFilename
Ubuntu13.04noarchlanguage-selector-common< 0.110.1UNKNOWN
Ubuntu13.04noarchlanguage-selector-gnome< 0.110.1UNKNOWN
Ubuntu12.10noarchlanguage-selector-common< 0.90.1UNKNOWN
Ubuntu12.10noarchlanguage-selector-gnome< 0.90.1UNKNOWN
Ubuntu12.10noarchlanguage-selector-kde< 0.90.1UNKNOWN
Ubuntu12.04noarchlanguage-selector-common< 0.79.4UNKNOWN
Ubuntu12.04noarchlanguage-selector< 0.79.4UNKNOWN
Ubuntu12.04noarchlanguage-selector-gnome< 0.79.4UNKNOWN
Ubuntu12.04noarchlanguage-selector-kde< 0.79.4UNKNOWN
Ubuntu12.04noarchlanguage-selector-qt< 0.79.4UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	13.04	noarch	language-selector-common	< 0.110.1	UNKNOWN
Ubuntu	13.04	noarch	language-selector-gnome	< 0.110.1	UNKNOWN
Ubuntu	12.10	noarch	language-selector-common	< 0.90.1	UNKNOWN
Ubuntu	12.10	noarch	language-selector-gnome	< 0.90.1	UNKNOWN
Ubuntu	12.10	noarch	language-selector-kde	< 0.90.1	UNKNOWN
Ubuntu	12.04	noarch	language-selector-common	< 0.79.4	UNKNOWN
Ubuntu	12.04	noarch	language-selector	< 0.79.4	UNKNOWN
Ubuntu	12.04	noarch	language-selector-gnome	< 0.79.4	UNKNOWN
Ubuntu	12.04	noarch	language-selector-kde	< 0.79.4	UNKNOWN
Ubuntu	12.04	noarch	language-selector-qt	< 0.79.4	UNKNOWN