Описание
dbus_backend/ls-dbus-backend in the D-Bus backend in language-selector before 0.6.7 does not restrict access on the basis of a PolicyKit check result, which allows local users to modify the /etc/default/locale and /etc/environment files via a (1) SetSystemDefaultLangEnv or (2) SetSystemDefaultLanguageEnv call.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | |
| devel | released | 0.33 |
| hardy | not-affected | |
| karmic | not-affected | |
| lucid | not-affected | |
| maverick | released | 0.6.7 |
| upstream | needs-triage |
Показывать по
EPSS
7.2 High
CVSS2
Связанные уязвимости
dbus_backend/ls-dbus-backend in the D-Bus backend in language-selector before 0.6.7 does not restrict access on the basis of a PolicyKit check result, which allows local users to modify the /etc/default/locale and /etc/environment files via a (1) SetSystemDefaultLangEnv or (2) SetSystemDefaultLanguageEnv call.
dbus_backend/ls-dbus-backend in the D-Bus backend in language-selector before 0.6.7 does not restrict access on the basis of a PolicyKit check result, which allows local users to modify the /etc/default/locale and /etc/environment files via a (1) SetSystemDefaultLangEnv or (2) SetSystemDefaultLanguageEnv call.
EPSS
7.2 High
CVSS2