CVE-2011-4406
published 2014-04-16CVE-2011-4406: The Ubuntu AccountsService package before 0.6.14-1git1ubuntu1.1 does not properly drop privileges when changing language settings, which allows local users to…
low3.6CVSS 3.1
AVLACLAuNCNIPAP
The Ubuntu AccountsService package before 0.6.14-1git1ubuntu1.1 does not properly drop privileges when changing language settings, which allows local users to modify arbitrary files via unspecified vectors.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | accountsservice | <= 0.6.14 | — |
| canonical | accountsservice | >= 0 < 0.6.15-3 | 0.6.15-3 |
| canonical | accountsservice | >= 0 < 0.6.15-3 | 0.6.15-3 |
| canonical | accountsservice | >= 0 < 0.6.15-3 | 0.6.15-3 |
| canonical | accountsservice | >= 0 < 0.6.15-3 | 0.6.15-3 |
| canonical | ubuntu_linux | — | — |
| debian | accountsservice | < accountsservice 0.6.15-3 (bookworm) | accountsservice 0.6.15-3 (bookworm) |
CVSS provenance
nvd3.6LOWAV:L/AC:L/Au:N/C:N/I:P/A:P
osv3.6LOW