CVE-2012-5356

2012-10-10T18:55:00
ID CVE-2012-5356
Type cve
Reporter cve@mitre.org
Modified 2017-08-29T01:32:00

Description

The apt-add-repository tool in Ubuntu Software Properties 0.75.x before 0.75.10.3, 0.80.x before 0.80.9.2, 0.81.x before 0.81.13.5, 0.82.x before 0.82.7.3, and 0.92.x before 0.92.8 does not properly check PPA GPG keys imported from a keyserver, which allows remote attackers to install arbitrary package repository GPG keys via a man-in-the-middle (MITM) attack.