Oval Definition:oval:com.ubuntu.xenial:def:201812559000
Revision Date:2018-06-19Version:1
Title:CVE-2018-12559 on Ubuntu 16.04 LTS (xenial) - high.
Description:An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. The mount target path check in mounter.cpp `mpOk()` is insufficient. A regular user can consequently mount a CIFS filesystem anywhere (e.g., outside of the /home directory tree) by passing directory traversal sequences such as a home/../usr substring.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2018-12559
Platform(s):Ubuntu 16.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 16.04 LTS (xenial) is installed.
  • AND The vulnerability of the 'cantata' package in xenial is not known (status: 'needs-triage'). It is pending evaluation.
    • BACK