ubiquity-slideshow-ubuntu before 58.2, during installation, allows remote man-in-the-middle attackers to execute arbitrary web script or HTML and read arbitrary files via a crafted attribute in the tag of a Twitter feed.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Ubiquity-slideshow-ubuntu | Ubiquity_slideshow_team | * | 58.1 (including) |
| Ubiquity-slideshow-ubuntu | Ubiquity_slideshow_team | 49 (including) | 49 (including) |
| Ubiquity-slideshow-ubuntu | Ubiquity_slideshow_team | 52 (including) | 52 (including) |
| Ubiquity-slideshow-ubuntu | Ubiquity_slideshow_team | 53 (including) | 53 (including) |
| Ubiquity-slideshow-ubuntu | Ubiquity_slideshow_team | 54 (including) | 54 (including) |
| Ubiquity-slideshow-ubuntu | Ubiquity_slideshow_team | 55 (including) | 55 (including) |
| Ubiquity-slideshow-ubuntu | Ubiquity_slideshow_team | 56 (including) | 56 (including) |
| Ubiquity-slideshow-ubuntu | Ubiquity_slideshow_team | 57 (including) | 57 (including) |
| Ubiquity-slideshow-ubuntu | Ubiquity_slideshow_team | 58 (including) | 58 (including) |
| Ubiquity-slideshow-ubuntu | Ubuntu | devel | * |
| Ubiquity-slideshow-ubuntu | Ubuntu | precise | * |
| Ubiquity-slideshow-ubuntu | Ubuntu | upstream | * |