CVE-2012-0863

2012-04-3000:00:00

ubuntu.com

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON

Mumble 1.2.3 and earlier uses world-readable permissions for
.local/share/data/Mumble/.mumble.sqlite files in home directories, which
might allow local users to obtain a cleartext password and configuration
data by reading a file.

Bugs

<https://bugs.launchpad.net/ubuntu/+source/mumble/+bug/783405>

OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchmumble< 1.2.2-1ubuntu1.2UNKNOWN
ubuntu10.10noarchmumble< 1.2.2-4ubuntu0.2UNKNOWN
ubuntu11.04noarchmumble< 1.2.3-1ubuntu6.1UNKNOWN
ubuntu11.10noarchmumble< 1.2.3-2ubuntu2.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	10.04	noarch	mumble	< 1.2.2-1ubuntu1.2	UNKNOWN
ubuntu	10.10	noarch	mumble	< 1.2.2-4ubuntu0.2	UNKNOWN
ubuntu	11.04	noarch	mumble	< 1.2.3-1ubuntu6.1	UNKNOWN
ubuntu	11.10	noarch	mumble	< 1.2.3-2ubuntu2.1	UNKNOWN