OVAL Reference oval:com.ubuntu.precise:def:20131062000

Oval Definition:

oval:com.ubuntu.precise:def:20131062000

Revision Date:	2013-10-03	Version:	1
Title:	CVE-2013-1062 on Ubuntu 12.04 LTS (precise) - medium.
Description:	ubuntu-system-service 0.2.4 before 0.2.4.1. 0.2.3 before 0.2.3.1, and 0.2.2 before 0.2.2.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2013-1062
Platform(s):	Ubuntu 12.04 LTS	Product(s):
Definition Synopsis
Ubuntu 12.04 LTS (precise) is installed. AND The 'ubuntu-system-service' package in precise was vulnerable but has been fixed (note: '0.2.2.1').