CVE-2012-0956

ubiquity-slideshow-ubuntu before 58.2, during installation, allows remote man-in-the-middle attackers to execute arbitrary web script or HTML and read arbitrary files via a crafted attribute in the tag of a Twitter feed.

Affected Software

Name	Vendor	Start Version	End Version
Ubiquity-slideshow-ubuntu	Ubiquity_slideshow_team	*	58.1 (including)
Ubiquity-slideshow-ubuntu	Ubiquity_slideshow_team	49 (including)	49 (including)
Ubiquity-slideshow-ubuntu	Ubiquity_slideshow_team	52 (including)	52 (including)
Ubiquity-slideshow-ubuntu	Ubiquity_slideshow_team	53 (including)	53 (including)
Ubiquity-slideshow-ubuntu	Ubiquity_slideshow_team	54 (including)	54 (including)
Ubiquity-slideshow-ubuntu	Ubiquity_slideshow_team	55 (including)	55 (including)
Ubiquity-slideshow-ubuntu	Ubiquity_slideshow_team	56 (including)	56 (including)
Ubiquity-slideshow-ubuntu	Ubiquity_slideshow_team	57 (including)	57 (including)
Ubiquity-slideshow-ubuntu	Ubiquity_slideshow_team	58 (including)	58 (including)
Ubiquity-slideshow-ubuntu	Ubuntu	devel	*
Ubiquity-slideshow-ubuntu	Ubuntu	precise	*
Ubiquity-slideshow-ubuntu	Ubuntu	upstream	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-0956
CWE	https://cwe.mitre.org/data/definitions/264.html

Affected Software

References