CVE-2015-7946

Published: May 7, 2020Modified: Nov 21, 2024

4.6

Vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 0.9 / Impact: 3.6

Source: NVD

Description

Information Exposure vulnerability in Unity8 as used on the Ubuntu phone and possibly also in Unity8 shipped elsewhere. This allows an attacker to enable the MTP service by opening the emergency dialer. Fixed in 8.11+16.04.20160111.1-0ubuntu1 and 8.11+15.04.20160122-0ubuntu1.

Affected (1)

Products: Ubports: Unity8

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Ubports Unity8	All versions

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (2)

https://launchpad.net/bugs/1525981

Source: security@ubuntu.com

Third Party Advisory

https://launchpad.net/bugs/1525981

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.