Ubuntu Update For Colord USN-1289-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-1289-1

Solution

Please Install the Updated Packages.

Insight

It was discovered that colord incorrectly handled certain SQL queries. A local attacker could exploit this to modify arbitrary sqlite databases. On Ubuntu, colord runs as its own user by default, so standard file permissions would limit which databases could be altered.

Affected

colord on Ubuntu 11.10

Severity

Classification

CVE CVE-2011-4349
CVSS Base Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Ubuntu Update for compiz-fusion-plugins-main vulnerability USN-688-1
Ubuntu Update for curl USN-2399-1
Ubuntu Update for apache2 USN-2152-1
Ubuntu Update for clamav USN-1482-1
Ubuntu Update for cups, cupsys vulnerabilities USN-952-1

Ubuntu Update for colord USN-1289-1

Take action and discover your vulnerabilities