CVE-2013-1067

Apport 2.12.5 and earlier uses weak permissions for core dump files created by setuid binaries, which allows local users to obtain sensitive information by reading the file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.9 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:C/I:N/A:N
canonicalCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 12%
VendorProductVersion
canonicalubuntu_linux
12.04
canonicalubuntu_linux
12.10
canonicalubuntu_linux
13.04
canonicalubuntu_linux
13.10
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
apport
saucy
Fixed 2.12.5-0ubuntu2.1
released
raring
Fixed 2.9.2-0ubuntu8.5
released
quantal
Fixed 2.6.1-0ubuntu13
released
precise
Fixed 2.0.1-0ubuntu17.6
released
lucid
ignored
Common Weakness Enumeration
References
http://www.ubuntu.com/usn/USN-2007-1
http://www.ubuntu.com/usn/USN-2007-1