ubiquity-slideshow-ubuntu before 58.2, during installation, allows remote man-in-the-middle attackers to execute arbitrary web script or HTML and read arbitrary files via a crafted attribute in the tag of a Twitter feed.
AV:N/AC:M/Au:N/C:P/I:P/A:P
28/09/2012
by Ubiquity Slideshow Team
12 years ago