Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2016-9951
HistoryDec 17, 2016 - 3:59 a.m.

CVE-2016-9951

2016-12-1703:59:00
CWE-284
[email protected]
web.nvd.nist.gov
5

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

47.5%

JSON

An issue was discovered in Apport before 2.20.4. A malicious Apport crash file can contain a restart command in RespawnCommand or ProcCmdline fields. This command will be executed if a user clicks the Relaunch button on the Apport prompt from the malicious crash file. The fix is to only show the Relaunch button on Apport crash files generated by local systems. The Relaunch button will be hidden when crash files are opened directly in Apport-GTK.

Affected configurations

Nvd
Node
apport_projectapportRange≀2.20.3
VendorProductVersionCPE
apport_projectapport*cpe:2.3:a:apport_project:apport:*:*:*:*:*:*:*:*

Related

cvelist 1
cve 1
ubuntucve 1
prion 1
seebug 1
zdt 1
nessus 1
openvas 1
exploitpack 1
exploitdb 1
ubuntu 1
cvelist
cvelist
CVE-2016-9951
2016-12-17 03:34:00
cve
cve
CVE-2016-9951
2016-12-17 03:59:00
ubuntucve
ubuntucve
CVE-2016-9951
2016-12-14 00:00:00
prion
prion
Command injection
2016-12-17 03:59:00
seebug
seebug
Ubuntu Apport < 2.20.4 Code Execution on Ubuntu Desktop(CVE-2016-9949οΌ‰
2016-12-23 00:00:00
zdt
zdt
Apport 2.x (Ubuntu Desktop 12.10 < 16.04) - Local Code Execution Exploit
2016-12-19 00:00:00
nessus
nessus
Ubuntu 14.04 LTS / 16.04 LTS : Apport vulnerabilities (USN-3157-1)
2016-12-15 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3157-1)
2016-12-15 00:00:00
exploitpack
exploitpack
Apport 2.x (Ubuntu Desktop 12.10 16.04) - Local Code Execution
2016-12-14 00:00:00
exploitdb
exploitdb
Apport 2.x (Ubuntu Desktop 12.10 &lt; 16.04) - Local Code Execution
2016-12-14 00:00:00
ubuntu
ubuntu
Apport vulnerabilities
2016-12-14 00:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

47.5%

JSON
Related for NVD:CVE-2016-9951
cvelist1cve1ubuntucve1prion1seebug1zdt1nessus1openvas1exploitpack1exploitdb1ubuntu1