U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*
  • CPE Name Search: true
There are 123 matching records.
Displaying matches 121 through 123.
Vuln ID Summary CVSS Severity
CVE-2011-4409

The Ubuntu One Client for Ubuntu 10.04 LTS, 11.04, 11.10, and 12.04 LTS does not properly validate SSL certificates, which allows remote attackers to spoof a server and modify or read sensitive information via a man-in-the-middle (MITM) attack.

Published: June 15, 2012; 8:55:05 PM -0400 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 7.5 HIGH
CVE-2012-0948

DistUpgrade/DistUpgradeMain.py in Update Manager, as used by Ubuntu 12.04 LTS, 11.10, and 11.04, uses weak permissions for (1) apt-clone_system_state.tar.gz and (2) system_state.tar.gz, which allows local users to obtain repository credentials.

Published: June 07, 2012; 5:55:02 PM -0400 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 2.1 LOW
CVE-2012-0949

The Apport hook in Update Manager as used by Ubuntu 12.04 LTS, 11.10, and 11.04 uploads certain system state archive files when reporting bugs to Launchpad, which allows remote attackers to read repository credentials by viewing a public bug report.

Published: May 31, 2012; 1:55:02 PM -0400 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 5.0 MEDIUM