NVD

Id
7767  
Name
CVE-2011-0729  
Description
dbus_backend/ls-dbus-backend in the D-Bus backend in language-selector before 0.6.7 does not restrict access on the basis of a PolicyKit check result, which allows local users to modify the /etc/default/locale and /etc/environment files via a (1) SetSystemDefaultLangEnv or (2) SetSystemDefaultLanguageEnv call.  
Reject
 
CVSS Version
2  
CVSS Score
7.2  
Severity
High  
CVSS Base Score
7.2  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2011-04-29  
Modified Date
2011-07-14  
Seq
2011-0729  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
44206 7767 CVE-2011-0729 47502  View
44207 7767 CVE-2011-0729 USN-1115-1  View
44208 7767 CVE-2011-0729 http://www.ubuntuupdates.org/packages/show/307975  View
44209 7767 CVE-2011-0729 ADV-2011-1032  View
44210 7767 CVE-2011-0729 https://launchpad.net/bugs/764397  View
44211 7767 CVE-2011-0729 https://launchpad.net/ubuntu/+source/language-selector/0.6.7  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
33983 JVNDB-2011-004225 language-selector の D-Bus バックエンドにおけるファイルを改ざんされる脆弱性 language-selector の D-Bus バックエンドの dbus_backend/ls-dbus-backend は、PolicyKit チェック結果を基にアクセスを制限しないため、/etc/default/locale および /etc/environment ファイルを改ざんされる脆弱性が存在します。 CVE-2011-0729 48636 CVE-2011-0729 7767 7.2 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-004225.html 2011-04-29 2012-03-27 View