Lucene search

Ubuntu.comUB:CVE-2015-7946

HistoryMay 07, 2020 - 12:00 a.m.

CVE-2015-7946

2020-05-0700:00:00

ubuntu.com

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

EPSS

0.001

Percentile

31.4%

JSON

Information Exposure vulnerability in Unity8 as used on the Ubuntu phone
and possibly also in Unity8 shipped elsewhere. This allows an attacker to
enable the MTP service by opening the emergency dialer. Fixed in
8.11+16.04.20160111.1-0ubuntu1 and 8.11+15.04.20160122-0ubuntu1.

Bugs

<https://bugs.launchpad.net/ubuntu/+source/unity8/+bug/1525981>

Notes

Author	Note
jdstrand	this is scheduled to be fixed in OTA9

References

launchpad.net/bugs/cve/CVE-2015-7946

nvd.nist.gov/vuln/detail/CVE-2015-7946

security-tracker.debian.org/tracker/CVE-2015-7946

www.cve.org/CVERecord?id=CVE-2015-7946

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

EPSS

0.001

Percentile

31.4%

JSON

Related for UB:CVE-2015-7946