CVE-2011-1842
Publication date 19 April 2011
Last updated 24 July 2024
Ubuntu priority
dbus_backend/lsd.py in the D-Bus backend in language-selector before 0.6.7 does not validate the arguments to the (1) SetSystemDefaultLangEnv and (2) SetSystemDefaultLanguageEnv functions, which allows local users to gain privileges via shell metacharacters in a string argument, a different vulnerability than CVE-2011-0729.
Status
Package | Ubuntu Release | Status |
---|---|---|
language-selector | 11.04 natty |
Fixed 0.33
|
10.10 maverick |
Fixed 0.6.7
|
|
10.04 LTS lucid |
Not affected
|
|
9.10 karmic |
Not affected
|
|
8.04 LTS hardy |
Not affected
|
|
6.06 LTS dapper |
Not affected
|
References
Related Ubuntu Security Notices (USN)
- USN-1115-1
- language-selector vulnerability
- 19 April 2011