Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
8 vulnerabilities found for unity by ayatana_project
CVE-2014-5195 (GCVE-0-2014-5195)
Vulnerability from nvd – Published: 2014-08-07 10:00 – Updated: 2024-08-06 11:34
VLAI
EPSS
VEX
Summary
Unity before 7.2.3 and 7.3.x before 7.3.1, as used in Ubuntu, does not properly take focus of the keyboard when switching to the lock screen, which allows physically proximate attackers to bypass the lock screen by (1) leveraging a machine that had text selected when locking or (2) resuming from a suspension.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.ubuntu.com/usn/USN-2303-1 | vendor-advisoryx_refsource_UBUNTU |
| http://www.securityfocus.com/bid/68987 | vdb-entryx_refsource_BID |
| http://www.osvdb.org/109788 | vdb-entryx_refsource_OSVDB |
| https://bugs.launchpad.net/unity/7.2/+bug/1349128 | x_refsource_CONFIRM |
Date Public
2014-07-31 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:34:37.563Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ubuntu-unity-screenlock-sec-bypass(95199)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95199"
},
{
"name": "USN-2303-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2303-1"
},
{
"name": "68987",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/68987"
},
{
"name": "109788",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/109788"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/unity/7.2/+bug/1349128"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-07-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unity before 7.2.3 and 7.3.x before 7.3.1, as used in Ubuntu, does not properly take focus of the keyboard when switching to the lock screen, which allows physically proximate attackers to bypass the lock screen by (1) leveraging a machine that had text selected when locking or (2) resuming from a suspension."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ubuntu-unity-screenlock-sec-bypass(95199)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95199"
},
{
"name": "USN-2303-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2303-1"
},
{
"name": "68987",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/68987"
},
{
"name": "109788",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/109788"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/unity/7.2/+bug/1349128"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5195",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unity before 7.2.3 and 7.3.x before 7.3.1, as used in Ubuntu, does not properly take focus of the keyboard when switching to the lock screen, which allows physically proximate attackers to bypass the lock screen by (1) leveraging a machine that had text selected when locking or (2) resuming from a suspension."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ubuntu-unity-screenlock-sec-bypass(95199)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95199"
},
{
"name": "USN-2303-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2303-1"
},
{
"name": "68987",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68987"
},
{
"name": "109788",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/109788"
},
{
"name": "https://bugs.launchpad.net/unity/7.2/+bug/1349128",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/unity/7.2/+bug/1349128"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-5195",
"datePublished": "2014-08-07T10:00:00.000Z",
"dateReserved": "2014-08-07T00:00:00.000Z",
"dateUpdated": "2024-08-06T11:34:37.563Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3204 (GCVE-0-2014-3204)
Vulnerability from nvd – Published: 2014-05-06 14:00 – Updated: 2024-08-06 10:35
VLAI
EPSS
VEX
Summary
Unity before 7.2.1, as used in Ubuntu 14.04, does not properly handle keyboard shortcuts, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by right-clicking on the indicator bar and then pressing the ALT and F2 keys.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.openwall.com/lists/oss-security/2014/04/29/2 | mailing-listx_refsource_MLIST |
| http://www.securityfocus.com/bid/67117 | vdb-entryx_refsource_BID |
| http://www.openwall.com/lists/oss-security/2014/05/03/1 | mailing-listx_refsource_MLIST |
| https://bugs.launchpad.net/ubuntu/+source/unity/+… | x_refsource_CONFIRM |
| http://ubuntu.com/usn/usn-2184-1 | vendor-advisoryx_refsource_UBUNTU |
Date Public
2014-04-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:35:57.088Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
},
{
"name": "67117",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/67117"
},
{
"name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1313885"
},
{
"name": "USN-2184-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://ubuntu.com/usn/usn-2184-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unity before 7.2.1, as used in Ubuntu 14.04, does not properly handle keyboard shortcuts, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by right-clicking on the indicator bar and then pressing the ALT and F2 keys."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-06T12:57:00.000Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
},
{
"name": "67117",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/67117"
},
{
"name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1313885"
},
{
"name": "USN-2184-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://ubuntu.com/usn/usn-2184-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"ID": "CVE-2014-3204",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unity before 7.2.1, as used in Ubuntu 14.04, does not properly handle keyboard shortcuts, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by right-clicking on the indicator bar and then pressing the ALT and F2 keys."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
},
{
"name": "67117",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67117"
},
{
"name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
},
{
"name": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1313885",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1313885"
},
{
"name": "USN-2184-1",
"refsource": "UBUNTU",
"url": "http://ubuntu.com/usn/usn-2184-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2014-3204",
"datePublished": "2014-05-06T14:00:00.000Z",
"dateReserved": "2014-05-03T00:00:00.000Z",
"dateUpdated": "2024-08-06T10:35:57.088Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3203 (GCVE-0-2014-3203)
Vulnerability from nvd – Published: 2014-05-06 14:00 – Updated: 2024-08-06 10:35
VLAI
EPSS
VEX
Summary
Unity before 7.2.1, as used in Ubuntu 14.04, does not properly restrict access to the Dash when the lock screen is active, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by pressing the SUPER key before the screen auto-locks.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://bugs.launchpad.net/ubuntu/+source/unity/+… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2014/04/29/2 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2014/05/03/1 | mailing-listx_refsource_MLIST |
| http://ubuntu.com/usn/usn-2184-1 | vendor-advisoryx_refsource_UBUNTU |
Date Public
2014-04-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:35:56.995Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308850"
},
{
"name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
},
{
"name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
},
{
"name": "USN-2184-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://ubuntu.com/usn/usn-2184-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unity before 7.2.1, as used in Ubuntu 14.04, does not properly restrict access to the Dash when the lock screen is active, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by pressing the SUPER key before the screen auto-locks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-06T12:57:00.000Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308850"
},
{
"name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
},
{
"name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
},
{
"name": "USN-2184-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://ubuntu.com/usn/usn-2184-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"ID": "CVE-2014-3203",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unity before 7.2.1, as used in Ubuntu 14.04, does not properly restrict access to the Dash when the lock screen is active, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by pressing the SUPER key before the screen auto-locks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308850",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308850"
},
{
"name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
},
{
"name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
},
{
"name": "USN-2184-1",
"refsource": "UBUNTU",
"url": "http://ubuntu.com/usn/usn-2184-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2014-3203",
"datePublished": "2014-05-06T14:00:00.000Z",
"dateReserved": "2014-05-03T00:00:00.000Z",
"dateUpdated": "2024-08-06T10:35:56.995Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3202 (GCVE-0-2014-3202)
Vulnerability from nvd – Published: 2014-05-06 14:00 – Updated: 2024-08-06 10:35
VLAI
EPSS
VEX
Summary
Unity before 7.2.1 does not properly handle entry activation, which allows physically proximate attackers to bypass the lock screen by holding the ENTER key, which triggers the process to crash.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.openwall.com/lists/oss-security/2014/04/29/2 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2014/05/03/1 | mailing-listx_refsource_MLIST |
| https://bugs.launchpad.net/ubuntu/+source/unity/+… | x_refsource_CONFIRM |
| https://bugs.launchpad.net/unity/+bug/1308750 | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2014/04/26/1 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2014/04/26/2 | mailing-listx_refsource_MLIST |
Date Public
2014-04-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:35:56.958Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
},
{
"name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308572"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/unity/+bug/1308750"
},
{
"name": "[oss-security] 20140426 Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/04/26/1"
},
{
"name": "[oss-security] 20140426 Re: Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/04/26/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unity before 7.2.1 does not properly handle entry activation, which allows physically proximate attackers to bypass the lock screen by holding the ENTER key, which triggers the process to crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-06T12:57:00.000Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
},
{
"name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308572"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/unity/+bug/1308750"
},
{
"name": "[oss-security] 20140426 Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/04/26/1"
},
{
"name": "[oss-security] 20140426 Re: Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/04/26/2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"ID": "CVE-2014-3202",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unity before 7.2.1 does not properly handle entry activation, which allows physically proximate attackers to bypass the lock screen by holding the ENTER key, which triggers the process to crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
},
{
"name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
},
{
"name": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308572",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308572"
},
{
"name": "https://bugs.launchpad.net/unity/+bug/1308750",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/unity/+bug/1308750"
},
{
"name": "[oss-security] 20140426 Ubuntu 14.04: security problem in the lock screen",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/04/26/1"
},
{
"name": "[oss-security] 20140426 Re: Ubuntu 14.04: security problem in the lock screen",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/04/26/2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2014-3202",
"datePublished": "2014-05-06T14:00:00.000Z",
"dateReserved": "2014-05-03T00:00:00.000Z",
"dateUpdated": "2024-08-06T10:35:56.958Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-5195 (GCVE-0-2014-5195)
Vulnerability from cvelistv5 – Published: 2014-08-07 10:00 – Updated: 2024-08-06 11:34
VLAI
EPSS
VEX
Summary
Unity before 7.2.3 and 7.3.x before 7.3.1, as used in Ubuntu, does not properly take focus of the keyboard when switching to the lock screen, which allows physically proximate attackers to bypass the lock screen by (1) leveraging a machine that had text selected when locking or (2) resuming from a suspension.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.ubuntu.com/usn/USN-2303-1 | vendor-advisoryx_refsource_UBUNTU |
| http://www.securityfocus.com/bid/68987 | vdb-entryx_refsource_BID |
| http://www.osvdb.org/109788 | vdb-entryx_refsource_OSVDB |
| https://bugs.launchpad.net/unity/7.2/+bug/1349128 | x_refsource_CONFIRM |
Date Public
2014-07-31 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:34:37.563Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ubuntu-unity-screenlock-sec-bypass(95199)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95199"
},
{
"name": "USN-2303-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2303-1"
},
{
"name": "68987",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/68987"
},
{
"name": "109788",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/109788"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/unity/7.2/+bug/1349128"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-07-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unity before 7.2.3 and 7.3.x before 7.3.1, as used in Ubuntu, does not properly take focus of the keyboard when switching to the lock screen, which allows physically proximate attackers to bypass the lock screen by (1) leveraging a machine that had text selected when locking or (2) resuming from a suspension."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ubuntu-unity-screenlock-sec-bypass(95199)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95199"
},
{
"name": "USN-2303-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2303-1"
},
{
"name": "68987",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/68987"
},
{
"name": "109788",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/109788"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/unity/7.2/+bug/1349128"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5195",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unity before 7.2.3 and 7.3.x before 7.3.1, as used in Ubuntu, does not properly take focus of the keyboard when switching to the lock screen, which allows physically proximate attackers to bypass the lock screen by (1) leveraging a machine that had text selected when locking or (2) resuming from a suspension."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ubuntu-unity-screenlock-sec-bypass(95199)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95199"
},
{
"name": "USN-2303-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2303-1"
},
{
"name": "68987",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68987"
},
{
"name": "109788",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/109788"
},
{
"name": "https://bugs.launchpad.net/unity/7.2/+bug/1349128",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/unity/7.2/+bug/1349128"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-5195",
"datePublished": "2014-08-07T10:00:00.000Z",
"dateReserved": "2014-08-07T00:00:00.000Z",
"dateUpdated": "2024-08-06T11:34:37.563Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3203 (GCVE-0-2014-3203)
Vulnerability from cvelistv5 – Published: 2014-05-06 14:00 – Updated: 2024-08-06 10:35
VLAI
EPSS
VEX
Summary
Unity before 7.2.1, as used in Ubuntu 14.04, does not properly restrict access to the Dash when the lock screen is active, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by pressing the SUPER key before the screen auto-locks.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://bugs.launchpad.net/ubuntu/+source/unity/+… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2014/04/29/2 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2014/05/03/1 | mailing-listx_refsource_MLIST |
| http://ubuntu.com/usn/usn-2184-1 | vendor-advisoryx_refsource_UBUNTU |
Date Public
2014-04-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:35:56.995Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308850"
},
{
"name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
},
{
"name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
},
{
"name": "USN-2184-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://ubuntu.com/usn/usn-2184-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unity before 7.2.1, as used in Ubuntu 14.04, does not properly restrict access to the Dash when the lock screen is active, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by pressing the SUPER key before the screen auto-locks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-06T12:57:00.000Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308850"
},
{
"name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
},
{
"name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
},
{
"name": "USN-2184-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://ubuntu.com/usn/usn-2184-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"ID": "CVE-2014-3203",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unity before 7.2.1, as used in Ubuntu 14.04, does not properly restrict access to the Dash when the lock screen is active, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by pressing the SUPER key before the screen auto-locks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308850",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308850"
},
{
"name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
},
{
"name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
},
{
"name": "USN-2184-1",
"refsource": "UBUNTU",
"url": "http://ubuntu.com/usn/usn-2184-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2014-3203",
"datePublished": "2014-05-06T14:00:00.000Z",
"dateReserved": "2014-05-03T00:00:00.000Z",
"dateUpdated": "2024-08-06T10:35:56.995Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3202 (GCVE-0-2014-3202)
Vulnerability from cvelistv5 – Published: 2014-05-06 14:00 – Updated: 2024-08-06 10:35
VLAI
EPSS
VEX
Summary
Unity before 7.2.1 does not properly handle entry activation, which allows physically proximate attackers to bypass the lock screen by holding the ENTER key, which triggers the process to crash.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.openwall.com/lists/oss-security/2014/04/29/2 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2014/05/03/1 | mailing-listx_refsource_MLIST |
| https://bugs.launchpad.net/ubuntu/+source/unity/+… | x_refsource_CONFIRM |
| https://bugs.launchpad.net/unity/+bug/1308750 | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2014/04/26/1 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2014/04/26/2 | mailing-listx_refsource_MLIST |
Date Public
2014-04-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:35:56.958Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
},
{
"name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308572"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/unity/+bug/1308750"
},
{
"name": "[oss-security] 20140426 Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/04/26/1"
},
{
"name": "[oss-security] 20140426 Re: Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/04/26/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unity before 7.2.1 does not properly handle entry activation, which allows physically proximate attackers to bypass the lock screen by holding the ENTER key, which triggers the process to crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-06T12:57:00.000Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
},
{
"name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308572"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/unity/+bug/1308750"
},
{
"name": "[oss-security] 20140426 Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/04/26/1"
},
{
"name": "[oss-security] 20140426 Re: Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/04/26/2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"ID": "CVE-2014-3202",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unity before 7.2.1 does not properly handle entry activation, which allows physically proximate attackers to bypass the lock screen by holding the ENTER key, which triggers the process to crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
},
{
"name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
},
{
"name": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308572",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308572"
},
{
"name": "https://bugs.launchpad.net/unity/+bug/1308750",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/unity/+bug/1308750"
},
{
"name": "[oss-security] 20140426 Ubuntu 14.04: security problem in the lock screen",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/04/26/1"
},
{
"name": "[oss-security] 20140426 Re: Ubuntu 14.04: security problem in the lock screen",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/04/26/2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2014-3202",
"datePublished": "2014-05-06T14:00:00.000Z",
"dateReserved": "2014-05-03T00:00:00.000Z",
"dateUpdated": "2024-08-06T10:35:56.958Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3204 (GCVE-0-2014-3204)
Vulnerability from cvelistv5 – Published: 2014-05-06 14:00 – Updated: 2024-08-06 10:35
VLAI
EPSS
VEX
Summary
Unity before 7.2.1, as used in Ubuntu 14.04, does not properly handle keyboard shortcuts, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by right-clicking on the indicator bar and then pressing the ALT and F2 keys.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.openwall.com/lists/oss-security/2014/04/29/2 | mailing-listx_refsource_MLIST |
| http://www.securityfocus.com/bid/67117 | vdb-entryx_refsource_BID |
| http://www.openwall.com/lists/oss-security/2014/05/03/1 | mailing-listx_refsource_MLIST |
| https://bugs.launchpad.net/ubuntu/+source/unity/+… | x_refsource_CONFIRM |
| http://ubuntu.com/usn/usn-2184-1 | vendor-advisoryx_refsource_UBUNTU |
Date Public
2014-04-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:35:57.088Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
},
{
"name": "67117",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/67117"
},
{
"name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1313885"
},
{
"name": "USN-2184-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://ubuntu.com/usn/usn-2184-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unity before 7.2.1, as used in Ubuntu 14.04, does not properly handle keyboard shortcuts, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by right-clicking on the indicator bar and then pressing the ALT and F2 keys."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-06T12:57:00.000Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
},
{
"name": "67117",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/67117"
},
{
"name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1313885"
},
{
"name": "USN-2184-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://ubuntu.com/usn/usn-2184-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"ID": "CVE-2014-3204",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unity before 7.2.1, as used in Ubuntu 14.04, does not properly handle keyboard shortcuts, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by right-clicking on the indicator bar and then pressing the ALT and F2 keys."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
},
{
"name": "67117",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67117"
},
{
"name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
},
{
"name": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1313885",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1313885"
},
{
"name": "USN-2184-1",
"refsource": "UBUNTU",
"url": "http://ubuntu.com/usn/usn-2184-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2014-3204",
"datePublished": "2014-05-06T14:00:00.000Z",
"dateReserved": "2014-05-03T00:00:00.000Z",
"dateUpdated": "2024-08-06T10:35:57.088Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}