Ubuntu Update For Mono USN-1517-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-1517-1

Solution

Please Install the Updated Packages.

Insight

It was discovered that the Mono System.Web library incorrectly filtered certain error messages related to forbidden files. If a user were tricked into opening a specially crafted URL, an attacker could possibly exploit this to conduct cross-site scripting (XSS) attacks. (CVE-2012-3382) It was discovered that the Mono System.Web library incorrectly handled the EnableViewStateMac property. If a user were tricked into opening a specially crafted URL, an attacker could possibly exploit this to conduct cross-site scripting (XSS) attacks. This issue only affected Ubuntu 10.04 LTS. (CVE-2010-1459)

Affected

mono on Ubuntu 12.04 LTS , Ubuntu 11.10 , Ubuntu 11.04 , Ubuntu 10.04 LTS

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2012-July/001770.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-1459, CVE-2012-3382

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Ubuntu Update for mono USN-1517-1

Take action and discover your vulnerabilities