CVE-2011-1842 - OpenCVE

dbus_backend/lsd.py in the D-Bus backend in language-selector before 0.6.7 does not validate the arguments to the (1) SetSystemDefaultLangEnv and (2) SetSystemDefaultLanguageEnv functions, which allows local users to gain privileges via shell metacharacters in a string argument, a different vulnerability than CVE-2011-0729.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Ubuntu	Language-selector

Configuration 1 [-]

OR	cpe:2.3:a:ubuntu:language-selector::::::::
	cpe:2.3:a:ubuntu:language-selector:0.0\+baz20050531:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.0\+baz20050609:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.0\+baz20050614:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.0\+baz20050808:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.0\+baz20050811:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.0\+baz20050819:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.0\+baz20050819.2:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.0\+baz20050822:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.0\+baz20050823:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.0\+baz20050824:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.0\+baz20050912:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.0\+baz20050926:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.0\+baz20050927:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.1:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.1.1:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.1.2:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.1.3:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.1.4:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.1.5:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.1.6:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.1.7:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.1.8:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.1.9:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.1.10:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.1.11:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.1.12:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.1.13:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.1.14:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.1.15:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.1.16:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.1.17:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.1.18:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.1.19:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.1.20:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.1.21:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.1.22:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.1.23:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.1.24:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.1.25:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.1.26:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.1.27:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.1.28:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.1.29:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.1.30:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.2.0:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.2.1:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.2.2:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.2.3:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.2.4:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.2.5:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.2.6:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.2.7:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.2.8:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.2.9:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.2.10:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.3.0:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.3.1:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.3.2:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.3.3:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.3.4:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.3.5:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.3.6:::::::*
	cpe:2.3:a:ubuntu:language-selector:0.3.7:::::::*
cpe:2.3:a:ubuntu:language-selector:0.3.8:::::::*
cpe:2.3:a:ubuntu:language-selector:0.3.9:::::::*
cpe:2.3:a:ubuntu:language-selector:0.3.10:::::::*
cpe:2.3:a:ubuntu:language-selector:0.3.11:::::::*
cpe:2.3:a:ubuntu:language-selector:0.3.12:::::::*
cpe:2.3:a:ubuntu:language-selector:0.3.13:::::::*
cpe:2.3:a:ubuntu:language-selector:0.3.14:::::::*
cpe:2.3:a:ubuntu:language-selector:0.3.15:::::::*
cpe:2.3:a:ubuntu:language-selector:0.3.16:::::::*
cpe:2.3:a:ubuntu:language-selector:0.3.17:::::::*
cpe:2.3:a:ubuntu:language-selector:0.3.20:::::::*
cpe:2.3:a:ubuntu:language-selector:0.3.21:::::::*
cpe:2.3:a:ubuntu:language-selector:0.4.0:::::::*
cpe:2.3:a:ubuntu:language-selector:0.4.1:::::::*
cpe:2.3:a:ubuntu:language-selector:0.4.2:::::::*
cpe:2.3:a:ubuntu:language-selector:0.4.2.1:::::::*
cpe:2.3:a:ubuntu:language-selector:0.4.2.2:::::::*
cpe:2.3:a:ubuntu:language-selector:0.4.2.3:::::::*
cpe:2.3:a:ubuntu:language-selector:0.4.3:::::::*
cpe:2.3:a:ubuntu:language-selector:0.4.4:::::::*
cpe:2.3:a:ubuntu:language-selector:0.4.5:::::::*
cpe:2.3:a:ubuntu:language-selector:0.4.6:::::::*
cpe:2.3:a:ubuntu:language-selector:0.4.7:::::::*
cpe:2.3:a:ubuntu:language-selector:0.4.8:::::::*
cpe:2.3:a:ubuntu:language-selector:0.4.9:::::::*
cpe:2.3:a:ubuntu:language-selector:0.4.10:::::::*
cpe:2.3:a:ubuntu:language-selector:0.4.11:::::::*
cpe:2.3:a:ubuntu:language-selector:0.4.12:::::::*
cpe:2.3:a:ubuntu:language-selector:0.4.13:::::::*
cpe:2.3:a:ubuntu:language-selector:0.4.14:::::::*
cpe:2.3:a:ubuntu:language-selector:0.4.15:::::::*
cpe:2.3:a:ubuntu:language-selector:0.4.16:::::::*
cpe:2.3:a:ubuntu:language-selector:0.4.17:::::::*
cpe:2.3:a:ubuntu:language-selector:0.4.18:::::::*
cpe:2.3:a:ubuntu:language-selector:0.4.19:::::::*
cpe:2.3:a:ubuntu:language-selector:0.5.0:::::::*
cpe:2.3:a:ubuntu:language-selector:0.5.1:::::::*
cpe:2.3:a:ubuntu:language-selector:0.5.2:::::::*
cpe:2.3:a:ubuntu:language-selector:0.5.3:::::::*
cpe:2.3:a:ubuntu:language-selector:0.5.4:::::::*
cpe:2.3:a:ubuntu:language-selector:0.5.5:::::::*
cpe:2.3:a:ubuntu:language-selector:0.5.6:::::::*
cpe:2.3:a:ubuntu:language-selector:0.5.7:::::::*
cpe:2.3:a:ubuntu:language-selector:0.6.0:::::::*
cpe:2.3:a:ubuntu:language-selector:0.6.1:::::::*
cpe:2.3:a:ubuntu:language-selector:0.6.2:::::::*
cpe:2.3:a:ubuntu:language-selector:0.6.3:::::::*
cpe:2.3:a:ubuntu:language-selector:0.6.4:::::::*
cpe:2.3:a:ubuntu:language-selector:0.6.5:::::::*

No data.

References

Link	Providers
http://secunia.com/advisories/44214
http://www.securityfocus.com/bid/47502
http://www.ubuntu.com/usn/USN-1115-1/
http://www.ubuntuupdates.org/packages/show/307975
http://www.vupen.com/english/advisories/2011/1032
https://exchange.xforce.ibmcloud.com/vulnerabilities/67255
https://launchpad.net/bugs/764397
https://launchpad.net/ubuntu/+source/language-selector/0.6.7

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2011-05-03T00:03:00

Updated: 2024-08-06T22:37:26.083Z

Reserved: 2011-05-02T00:00:00

Link: CVE-2011-1842

Vulnrichment

No data.

NVD

Status : Modified

Published: 2011-05-03T00:55:01.093

Modified: 2017-08-17T01:34:26.527

Link: CVE-2011-1842

Redhat

No data.

Metrics

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object