CVE-2011-3150

Опубликовано: 29 нояб. 2011

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Software Center in Ubuntu 11.10, 11.04 10.10 does not properly validate server certificates, which allows remote attackers to execute arbitrary code or obtain sensitive information via a man-in-the-middle (MITM) attack.

Ссылки

http://secunia.com/advisories/46950
Vendor Advisory
http://www.securityfocus.com/bid/50754
Vendor Advisory
http://www.ubuntu.com/usn/USN-1270-1
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/71430
http://secunia.com/advisories/46950
Vendor Advisory
http://www.securityfocus.com/bid/50754
Vendor Advisory
http://www.ubuntu.com/usn/USN-1270-1
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/71430

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*

EPSS

Процентиль: 77%

0.01042

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

CVE-2011-3150

ubuntu

около 14 лет назад

CVE-2011-3150

debian

около 14 лет назад

Software Center in Ubuntu 11.10, 11.04 10.10 does not properly validat ...

GHSA-5j3j-rq5g-q8c8

github

больше 3 лет назад

EPSS

Процентиль: 77%

0.01042

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-20