3 matches found
CVE-2015-1327
creationtimestamp| type| source ---|---|--- 2019-04-22 20:30:43+00:00| seen| https://t.me/cibsecurity/3857...
CVE-2015-1327
Content Hub before version 0.0+15.04.20150331-0ubuntu1.0 is vulnerable to an information disclosure via DBUS API where a confined app passes a file path and a malicious actor could cause a transfer of file:///etc/passwd to another app. Root cause: the DBUS API does not require the confined app to...
CVE-2015-1327 Content-hub DBUS API doesn't prevent confined apps from passing paths to files without access
Content Hub before version 0.0+15.04.20150331-0ubuntu1.0 DBUS API only requires a file path for a content item, it doesn't actually require the confined app have access to the file to create a transfer. This could allow a malicious application using the DBUS API to export file:///etc/passwd which...