Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    8 vulnerabilities by ayatana_project

    CVE-2014-5195 (GCVE-0-2014-5195)

    Vulnerability from nvd – Published: 2014-08-07 10:00 – Updated: 2024-08-06 11:34
    VLAI
    Summary
    Unity before 7.2.3 and 7.3.x before 7.3.1, as used in Ubuntu, does not properly take focus of the keyboard when switching to the lock screen, which allows physically proximate attackers to bypass the lock screen by (1) leveraging a machine that had text selected when locking or (2) resuming from a suspension.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.ubuntu.com/usn/USN-2303-1 vendor-advisoryx_refsource_UBUNTU
    http://www.securityfocus.com/bid/68987 vdb-entryx_refsource_BID
    http://www.osvdb.org/109788 vdb-entryx_refsource_OSVDB
    https://bugs.launchpad.net/unity/7.2/+bug/1349128 x_refsource_CONFIRM
    Date Public
    2014-07-31 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T11:34:37.563Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ubuntu-unity-screenlock-sec-bypass(95199)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95199"
              },
              {
                "name": "USN-2303-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-2303-1"
              },
              {
                "name": "68987",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/68987"
              },
              {
                "name": "109788",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/109788"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugs.launchpad.net/unity/7.2/+bug/1349128"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-07-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unity before 7.2.3 and 7.3.x before 7.3.1, as used in Ubuntu, does not properly take focus of the keyboard when switching to the lock screen, which allows physically proximate attackers to bypass the lock screen by (1) leveraging a machine that had text selected when locking or (2) resuming from a suspension."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-07T15:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ubuntu-unity-screenlock-sec-bypass(95199)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95199"
            },
            {
              "name": "USN-2303-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-2303-1"
            },
            {
              "name": "68987",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/68987"
            },
            {
              "name": "109788",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/109788"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugs.launchpad.net/unity/7.2/+bug/1349128"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2014-5195",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unity before 7.2.3 and 7.3.x before 7.3.1, as used in Ubuntu, does not properly take focus of the keyboard when switching to the lock screen, which allows physically proximate attackers to bypass the lock screen by (1) leveraging a machine that had text selected when locking or (2) resuming from a suspension."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ubuntu-unity-screenlock-sec-bypass(95199)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95199"
                },
                {
                  "name": "USN-2303-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-2303-1"
                },
                {
                  "name": "68987",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/68987"
                },
                {
                  "name": "109788",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/109788"
                },
                {
                  "name": "https://bugs.launchpad.net/unity/7.2/+bug/1349128",
                  "refsource": "CONFIRM",
                  "url": "https://bugs.launchpad.net/unity/7.2/+bug/1349128"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2014-5195",
        "datePublished": "2014-08-07T10:00:00.000Z",
        "dateReserved": "2014-08-07T00:00:00.000Z",
        "dateUpdated": "2024-08-06T11:34:37.563Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-3204 (GCVE-0-2014-3204)

    Vulnerability from nvd – Published: 2014-05-06 14:00 – Updated: 2024-08-06 10:35
    VLAI
    Summary
    Unity before 7.2.1, as used in Ubuntu 14.04, does not properly handle keyboard shortcuts, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by right-clicking on the indicator bar and then pressing the ALT and F2 keys.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2014-04-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:35:57.088Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
              },
              {
                "name": "67117",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/67117"
              },
              {
                "name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1313885"
              },
              {
                "name": "USN-2184-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://ubuntu.com/usn/usn-2184-1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-04-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unity before 7.2.1, as used in Ubuntu 14.04, does not properly handle keyboard shortcuts, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by right-clicking on the indicator bar and then pressing the ALT and F2 keys."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2014-05-06T12:57:00.000Z",
            "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
            "shortName": "canonical"
          },
          "references": [
            {
              "name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
            },
            {
              "name": "67117",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/67117"
            },
            {
              "name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1313885"
            },
            {
              "name": "USN-2184-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://ubuntu.com/usn/usn-2184-1"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@ubuntu.com",
              "ID": "CVE-2014-3204",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unity before 7.2.1, as used in Ubuntu 14.04, does not properly handle keyboard shortcuts, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by right-clicking on the indicator bar and then pressing the ALT and F2 keys."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
                },
                {
                  "name": "67117",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/67117"
                },
                {
                  "name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
                },
                {
                  "name": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1313885",
                  "refsource": "CONFIRM",
                  "url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1313885"
                },
                {
                  "name": "USN-2184-1",
                  "refsource": "UBUNTU",
                  "url": "http://ubuntu.com/usn/usn-2184-1"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "assignerShortName": "canonical",
        "cveId": "CVE-2014-3204",
        "datePublished": "2014-05-06T14:00:00.000Z",
        "dateReserved": "2014-05-03T00:00:00.000Z",
        "dateUpdated": "2024-08-06T10:35:57.088Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-3203 (GCVE-0-2014-3203)

    Vulnerability from nvd – Published: 2014-05-06 14:00 – Updated: 2024-08-06 10:35
    VLAI
    Summary
    Unity before 7.2.1, as used in Ubuntu 14.04, does not properly restrict access to the Dash when the lock screen is active, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by pressing the SUPER key before the screen auto-locks.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2014-04-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:35:56.995Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308850"
              },
              {
                "name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
              },
              {
                "name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
              },
              {
                "name": "USN-2184-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://ubuntu.com/usn/usn-2184-1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-04-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unity before 7.2.1, as used in Ubuntu 14.04, does not properly restrict access to the Dash when the lock screen is active, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by pressing the SUPER key before the screen auto-locks."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2014-05-06T12:57:00.000Z",
            "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
            "shortName": "canonical"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308850"
            },
            {
              "name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
            },
            {
              "name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
            },
            {
              "name": "USN-2184-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://ubuntu.com/usn/usn-2184-1"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@ubuntu.com",
              "ID": "CVE-2014-3203",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unity before 7.2.1, as used in Ubuntu 14.04, does not properly restrict access to the Dash when the lock screen is active, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by pressing the SUPER key before the screen auto-locks."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308850",
                  "refsource": "CONFIRM",
                  "url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308850"
                },
                {
                  "name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
                },
                {
                  "name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
                },
                {
                  "name": "USN-2184-1",
                  "refsource": "UBUNTU",
                  "url": "http://ubuntu.com/usn/usn-2184-1"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "assignerShortName": "canonical",
        "cveId": "CVE-2014-3203",
        "datePublished": "2014-05-06T14:00:00.000Z",
        "dateReserved": "2014-05-03T00:00:00.000Z",
        "dateUpdated": "2024-08-06T10:35:56.995Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-3202 (GCVE-0-2014-3202)

    Vulnerability from nvd – Published: 2014-05-06 14:00 – Updated: 2024-08-06 10:35
    VLAI
    Summary
    Unity before 7.2.1 does not properly handle entry activation, which allows physically proximate attackers to bypass the lock screen by holding the ENTER key, which triggers the process to crash.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2014-04-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:35:56.958Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
              },
              {
                "name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308572"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugs.launchpad.net/unity/+bug/1308750"
              },
              {
                "name": "[oss-security] 20140426 Ubuntu 14.04: security problem in the lock screen",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2014/04/26/1"
              },
              {
                "name": "[oss-security] 20140426 Re: Ubuntu 14.04: security problem in the lock screen",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2014/04/26/2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-04-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unity before 7.2.1 does not properly handle entry activation, which allows physically proximate attackers to bypass the lock screen by holding the ENTER key, which triggers the process to crash."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2014-05-06T12:57:00.000Z",
            "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
            "shortName": "canonical"
          },
          "references": [
            {
              "name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
            },
            {
              "name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308572"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugs.launchpad.net/unity/+bug/1308750"
            },
            {
              "name": "[oss-security] 20140426 Ubuntu 14.04: security problem in the lock screen",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2014/04/26/1"
            },
            {
              "name": "[oss-security] 20140426 Re: Ubuntu 14.04: security problem in the lock screen",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2014/04/26/2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@ubuntu.com",
              "ID": "CVE-2014-3202",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unity before 7.2.1 does not properly handle entry activation, which allows physically proximate attackers to bypass the lock screen by holding the ENTER key, which triggers the process to crash."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
                },
                {
                  "name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
                },
                {
                  "name": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308572",
                  "refsource": "CONFIRM",
                  "url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308572"
                },
                {
                  "name": "https://bugs.launchpad.net/unity/+bug/1308750",
                  "refsource": "CONFIRM",
                  "url": "https://bugs.launchpad.net/unity/+bug/1308750"
                },
                {
                  "name": "[oss-security] 20140426 Ubuntu 14.04: security problem in the lock screen",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2014/04/26/1"
                },
                {
                  "name": "[oss-security] 20140426 Re: Ubuntu 14.04: security problem in the lock screen",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2014/04/26/2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "assignerShortName": "canonical",
        "cveId": "CVE-2014-3202",
        "datePublished": "2014-05-06T14:00:00.000Z",
        "dateReserved": "2014-05-03T00:00:00.000Z",
        "dateUpdated": "2024-08-06T10:35:56.958Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-5195 (GCVE-0-2014-5195)

    Vulnerability from cvelistv5 – Published: 2014-08-07 10:00 – Updated: 2024-08-06 11:34
    VLAI
    Summary
    Unity before 7.2.3 and 7.3.x before 7.3.1, as used in Ubuntu, does not properly take focus of the keyboard when switching to the lock screen, which allows physically proximate attackers to bypass the lock screen by (1) leveraging a machine that had text selected when locking or (2) resuming from a suspension.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.ubuntu.com/usn/USN-2303-1 vendor-advisoryx_refsource_UBUNTU
    http://www.securityfocus.com/bid/68987 vdb-entryx_refsource_BID
    http://www.osvdb.org/109788 vdb-entryx_refsource_OSVDB
    https://bugs.launchpad.net/unity/7.2/+bug/1349128 x_refsource_CONFIRM
    Date Public
    2014-07-31 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T11:34:37.563Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ubuntu-unity-screenlock-sec-bypass(95199)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95199"
              },
              {
                "name": "USN-2303-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-2303-1"
              },
              {
                "name": "68987",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/68987"
              },
              {
                "name": "109788",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/109788"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugs.launchpad.net/unity/7.2/+bug/1349128"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-07-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unity before 7.2.3 and 7.3.x before 7.3.1, as used in Ubuntu, does not properly take focus of the keyboard when switching to the lock screen, which allows physically proximate attackers to bypass the lock screen by (1) leveraging a machine that had text selected when locking or (2) resuming from a suspension."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-07T15:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ubuntu-unity-screenlock-sec-bypass(95199)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95199"
            },
            {
              "name": "USN-2303-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-2303-1"
            },
            {
              "name": "68987",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/68987"
            },
            {
              "name": "109788",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/109788"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugs.launchpad.net/unity/7.2/+bug/1349128"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2014-5195",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unity before 7.2.3 and 7.3.x before 7.3.1, as used in Ubuntu, does not properly take focus of the keyboard when switching to the lock screen, which allows physically proximate attackers to bypass the lock screen by (1) leveraging a machine that had text selected when locking or (2) resuming from a suspension."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ubuntu-unity-screenlock-sec-bypass(95199)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95199"
                },
                {
                  "name": "USN-2303-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-2303-1"
                },
                {
                  "name": "68987",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/68987"
                },
                {
                  "name": "109788",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/109788"
                },
                {
                  "name": "https://bugs.launchpad.net/unity/7.2/+bug/1349128",
                  "refsource": "CONFIRM",
                  "url": "https://bugs.launchpad.net/unity/7.2/+bug/1349128"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2014-5195",
        "datePublished": "2014-08-07T10:00:00.000Z",
        "dateReserved": "2014-08-07T00:00:00.000Z",
        "dateUpdated": "2024-08-06T11:34:37.563Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-3203 (GCVE-0-2014-3203)

    Vulnerability from cvelistv5 – Published: 2014-05-06 14:00 – Updated: 2024-08-06 10:35
    VLAI
    Summary
    Unity before 7.2.1, as used in Ubuntu 14.04, does not properly restrict access to the Dash when the lock screen is active, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by pressing the SUPER key before the screen auto-locks.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2014-04-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:35:56.995Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308850"
              },
              {
                "name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
              },
              {
                "name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
              },
              {
                "name": "USN-2184-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://ubuntu.com/usn/usn-2184-1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-04-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unity before 7.2.1, as used in Ubuntu 14.04, does not properly restrict access to the Dash when the lock screen is active, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by pressing the SUPER key before the screen auto-locks."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2014-05-06T12:57:00.000Z",
            "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
            "shortName": "canonical"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308850"
            },
            {
              "name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
            },
            {
              "name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
            },
            {
              "name": "USN-2184-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://ubuntu.com/usn/usn-2184-1"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@ubuntu.com",
              "ID": "CVE-2014-3203",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unity before 7.2.1, as used in Ubuntu 14.04, does not properly restrict access to the Dash when the lock screen is active, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by pressing the SUPER key before the screen auto-locks."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308850",
                  "refsource": "CONFIRM",
                  "url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308850"
                },
                {
                  "name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
                },
                {
                  "name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
                },
                {
                  "name": "USN-2184-1",
                  "refsource": "UBUNTU",
                  "url": "http://ubuntu.com/usn/usn-2184-1"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "assignerShortName": "canonical",
        "cveId": "CVE-2014-3203",
        "datePublished": "2014-05-06T14:00:00.000Z",
        "dateReserved": "2014-05-03T00:00:00.000Z",
        "dateUpdated": "2024-08-06T10:35:56.995Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-3202 (GCVE-0-2014-3202)

    Vulnerability from cvelistv5 – Published: 2014-05-06 14:00 – Updated: 2024-08-06 10:35
    VLAI
    Summary
    Unity before 7.2.1 does not properly handle entry activation, which allows physically proximate attackers to bypass the lock screen by holding the ENTER key, which triggers the process to crash.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2014-04-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:35:56.958Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
              },
              {
                "name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308572"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugs.launchpad.net/unity/+bug/1308750"
              },
              {
                "name": "[oss-security] 20140426 Ubuntu 14.04: security problem in the lock screen",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2014/04/26/1"
              },
              {
                "name": "[oss-security] 20140426 Re: Ubuntu 14.04: security problem in the lock screen",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2014/04/26/2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-04-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unity before 7.2.1 does not properly handle entry activation, which allows physically proximate attackers to bypass the lock screen by holding the ENTER key, which triggers the process to crash."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2014-05-06T12:57:00.000Z",
            "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
            "shortName": "canonical"
          },
          "references": [
            {
              "name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
            },
            {
              "name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308572"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugs.launchpad.net/unity/+bug/1308750"
            },
            {
              "name": "[oss-security] 20140426 Ubuntu 14.04: security problem in the lock screen",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2014/04/26/1"
            },
            {
              "name": "[oss-security] 20140426 Re: Ubuntu 14.04: security problem in the lock screen",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2014/04/26/2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@ubuntu.com",
              "ID": "CVE-2014-3202",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unity before 7.2.1 does not properly handle entry activation, which allows physically proximate attackers to bypass the lock screen by holding the ENTER key, which triggers the process to crash."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
                },
                {
                  "name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
                },
                {
                  "name": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308572",
                  "refsource": "CONFIRM",
                  "url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308572"
                },
                {
                  "name": "https://bugs.launchpad.net/unity/+bug/1308750",
                  "refsource": "CONFIRM",
                  "url": "https://bugs.launchpad.net/unity/+bug/1308750"
                },
                {
                  "name": "[oss-security] 20140426 Ubuntu 14.04: security problem in the lock screen",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2014/04/26/1"
                },
                {
                  "name": "[oss-security] 20140426 Re: Ubuntu 14.04: security problem in the lock screen",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2014/04/26/2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "assignerShortName": "canonical",
        "cveId": "CVE-2014-3202",
        "datePublished": "2014-05-06T14:00:00.000Z",
        "dateReserved": "2014-05-03T00:00:00.000Z",
        "dateUpdated": "2024-08-06T10:35:56.958Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-3204 (GCVE-0-2014-3204)

    Vulnerability from cvelistv5 – Published: 2014-05-06 14:00 – Updated: 2024-08-06 10:35
    VLAI
    Summary
    Unity before 7.2.1, as used in Ubuntu 14.04, does not properly handle keyboard shortcuts, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by right-clicking on the indicator bar and then pressing the ALT and F2 keys.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2014-04-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:35:57.088Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
              },
              {
                "name": "67117",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/67117"
              },
              {
                "name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1313885"
              },
              {
                "name": "USN-2184-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://ubuntu.com/usn/usn-2184-1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-04-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unity before 7.2.1, as used in Ubuntu 14.04, does not properly handle keyboard shortcuts, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by right-clicking on the indicator bar and then pressing the ALT and F2 keys."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2014-05-06T12:57:00.000Z",
            "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
            "shortName": "canonical"
          },
          "references": [
            {
              "name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
            },
            {
              "name": "67117",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/67117"
            },
            {
              "name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1313885"
            },
            {
              "name": "USN-2184-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://ubuntu.com/usn/usn-2184-1"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@ubuntu.com",
              "ID": "CVE-2014-3204",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unity before 7.2.1, as used in Ubuntu 14.04, does not properly handle keyboard shortcuts, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by right-clicking on the indicator bar and then pressing the ALT and F2 keys."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2014/04/29/2"
                },
                {
                  "name": "67117",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/67117"
                },
                {
                  "name": "[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2014/05/03/1"
                },
                {
                  "name": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1313885",
                  "refsource": "CONFIRM",
                  "url": "https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1313885"
                },
                {
                  "name": "USN-2184-1",
                  "refsource": "UBUNTU",
                  "url": "http://ubuntu.com/usn/usn-2184-1"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "assignerShortName": "canonical",
        "cveId": "CVE-2014-3204",
        "datePublished": "2014-05-06T14:00:00.000Z",
        "dateReserved": "2014-05-03T00:00:00.000Z",
        "dateUpdated": "2024-08-06T10:35:57.088Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }