Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2011-4349
HistoryNov 25, 2011 - 12:00 a.m.

CVE-2011-4349

2011-11-2500:00:00
ubuntu.com
ubuntu.com
9

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON

Multiple SQL injection vulnerabilities in (1) cd-mapping-db.c and (2)
cd-device-db.c in colord before 0.1.15 allow local users to execute
arbitrary SQL commands via vectors related to color devices and (a) device
id, (b) property, or © profile id.

Bugs

Notes

Author Note
tyhicks colord runs as colord but unpriv’ed users can create devices
OSVersionArchitecturePackageVersionFilename
ubuntu11.10noarchcolord< 0.1.12-1ubuntu2.1UNKNOWN

Related

cve 1
nessus 4
securityvulns 1
prion 1
ubuntu 1
openvas 6
debiancve 1
nvd 1
cvelist 1
fedora 2
cve
cve
CVE-2011-4349
2022-10-03 16:15:14
nessus
nessus
Fedora 15 : colord-0.1.15-1.fc15 (2011-16451)
2011-12-05 00:00:00
Fedora 16 : colord-0.1.15-1.fc16 (2011-16453)
2011-12-05 00:00:00
Ubuntu 11.10 : colord vulnerability (USN-1289-1)
2011-12-08 00:00:00
securityvulns
securityvulns
[USN-1289-1] colord vulnerability
2011-12-12 00:00:00
prion
prion
Sql injection
2011-12-10 17:55:00
ubuntu
ubuntu
colord vulnerability
2011-12-07 00:00:00
openvas
openvas
Fedora Update for colord FEDORA-2011-16453
2012-04-02 00:00:00
Fedora Update for colord FEDORA-2011-16451
2011-12-05 00:00:00
Ubuntu: Security Advisory (USN-1289-1)
2012-03-16 00:00:00
debiancve
debiancve
CVE-2011-4349
2022-10-03 16:15:14
nvd
nvd
CVE-2011-4349
2011-12-10 17:55:01
cvelist
cvelist
CVE-2011-4349
2022-10-03 16:15:14
fedora
fedora
[SECURITY] Fedora 15 Update: colord-0.1.15-1.fc15
2011-12-05 00:24:58
[SECURITY] Fedora 16 Update: colord-0.1.15-1.fc16
2011-12-04 02:46:55

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON
Related for UB:CVE-2011-4349
cve1nessus4securityvulns1prion1ubuntu1openvas6debiancve1nvd1cvelist1fedora2