VDB
CVE-2016-9951
CVE-2016-9951
PUBLISHED
An issue was discovered in Apport before 2.20.4. A malicious Apport crash file can contain a restart command in `RespawnCommand` or `ProcCmdline` fields. This command will be executed if a user clicks the Relaunch button on the Apport prompt from the malicious crash file. The fix is to only show the Relaunch button on Apport crash files generated by local systems. The Relaunch button will be hidden when crash files are opened directly in Apport-GTK.
EPSS 7.94% · 92.2th percentile
Risk Scores
EPSS Score
7.94%
92.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:16.04:LTS | apport | 2.19.1-0ubuntu3, 2.19.2-0ubuntu1, 2.19.2-0ubuntu2 |
| Ubuntu:14.04:LTS | apport | 2.14.1-0ubuntu3.8, 2.14.1-0ubuntu3.9, 2.14.1-0ubuntu3.10 |
Exploit Intelligence
- https://donncha.is/2016/12/compromising-ubuntu-desktop/ (nist-nvd)
- https://github.com/DonnchaC/ubuntu-apport-exploitation (circl)
- https://bugs.launchpad.net/apport/+bug/1648806 (circl)
- 95011 (circl)
- USN-3157-1 (circl)
- 40937 (cve.org)
- Apport 2.x (Ubuntu Desktop 12.10 < 16.04) - Local Code Execution Exploit (0day-today)
- Apport 2.x (Ubuntu Desktop 12.10 < 16.04) - Local Code Execution Exploit (0day-today)
Timeline
- Dec 14, 2016 CVE Published
- Dec 19, 2016 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 16, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2016-9951 third-party-advisory
- https://donncha.is/2016/12/compromising-ubuntu-desktop/ third-party-advisory
- https://ubuntu.com/security/notices/USN-3157-1 vendor-advisory
- https://www.cve.org/CVERecord?id=CVE-2016-9951 third-party-advisory