CVE-2012-0063

EUVD-2012-0101
Insecure plugin update mechanism in tucan through 0.3.10 could allow remote attackers to perform man-in-the-middle attacks and execute arbitrary code ith the permissions of the user running tucan.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.1 HIGH
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 84%
Affected Products (NVD)
VendorProductVersion
tucaneandotucan
𝑥
≤ 0.3.10
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
tucan
hardy
dne
lucid
ignored
maverick
ignored
natty
ignored
oneiric
ignored
precise
dne
quantal
dne
raring
dne
saucy
dne
References
http://www.openwall.com/lists/oss-security/2012/01/19/5
https://access.redhat.com/security/cve/cve-2012-0063
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0063
https://security-tracker.debian.org/tracker/CVE-2012-0063
http://www.openwall.com/lists/oss-security/2012/01/19/5
https://access.redhat.com/security/cve/cve-2012-0063
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0063
https://security-tracker.debian.org/tracker/CVE-2012-0063