First published: Fri Nov 25 2011
Multiple SQL injection flaws were found in the way colord, a color daemon that maps color devices to color profiles in the system context, sanitized the SQL queries used by the database routines that process color device mappings and devices. If a local user was allowed to create new devices and the colord daemon ran as root, a local attacker could use this flaw to corrupt colord's own database or potentially other SQLite3-based system databases (for example the one used by the polkit daemon).

References:
[1] <a href="https://bugs.freedesktop.org/show_bug.cgi?id=42904">https://bugs.freedesktop.org/show_bug.cgi?id=42904</a>
[2] <a href="https://bugzilla.novell.com/show_bug.cgi?id=698250">https://bugzilla.novell.com/show_bug.cgi?id=698250</a>
[3] <a href="http://www.openwall.com/lists/oss-security/2011/11/25/1">http://www.openwall.com/lists/oss-security/2011/11/25/1</a>

Relevant upstream patches:
[4] <a href="http://gitorious.org/colord/master/commit/1fadd90afcb4bbc47513466ee9bb1e4a8632ac3b">http://gitorious.org/colord/master/commit/1fadd90afcb4bbc47513466ee9bb1e4a8632ac3b</a>
[5] <a href="http://gitorious.org/colord/master/commit/36549e0ed255e7dfa7852d08a75dd5f00cbd270e">http://gitorious.org/colord/master/commit/36549e0ed255e7dfa7852d08a75dd5f00cbd270e</a>
Credit: secalert@redhat.com
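The flaw class described above, as an added example that is not colord's code and not taken from the upstream patches: a device-mapping insert that pastes a caller-controlled device id into the statement text, beside the same insert done with bound parameters, plus an allowlist check on the identifier as defence in depth. Python's standard-library sqlite3 module stands in for the C sqlite3 API colord uses; the table name, column names and sample device ids are constructed for the example.

```python
"""Added example (not colord's code): string-built SQL versus bound parameters
for a SQLite device-mapping table. Schema and identifiers are assumptions."""
import re
import sqlite3


def make_db() -> sqlite3.Connection:
    # In-memory database with a constructed schema loosely modelled on a
    # device-to-profile mapping table; names are assumptions, not colord's.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE mappings (device_id TEXT, profile_id TEXT)")
    conn.execute("INSERT INTO mappings VALUES ('scanner-1', 'sRGB')")
    conn.commit()
    return conn


def add_mapping_unsafe(conn: sqlite3.Connection, device_id: str, profile_id: str) -> None:
    # Vulnerable pattern: the caller-controlled device_id is pasted straight
    # into the statement text, so any quote in it changes the SQL grammar.
    sql = "INSERT INTO mappings VALUES ('%s', '%s')" % (device_id, profile_id)
    conn.execute(sql)
    conn.commit()


def add_mapping_safe(conn: sqlite3.Connection, device_id: str, profile_id: str) -> None:
    # Hardened pattern: '?' placeholders hand the values to the SQLite engine
    # as bound parameters, so they are treated as data and never parsed as SQL.
    conn.execute("INSERT INTO mappings VALUES (?, ?)", (device_id, profile_id))
    conn.commit()


# Defence in depth: identifiers a local user may create are restricted to a
# conservative character set (an assumption for this example) before any
# query sees them, so a malformed id is rejected at the API boundary.
DEVICE_ID_RE = re.compile(r"^[A-Za-z0-9_.-]{1,64}$")


def is_valid_device_id(device_id: str) -> bool:
    return bool(DEVICE_ID_RE.match(device_id))


def demo() -> tuple:
    # Constructed sample input: a device id containing a single quote, the
    # character that terminates the string literal in the unsafe query.
    odd_id = "o'neil-scanner"
    conn = make_db()
    try:
        add_mapping_unsafe(conn, odd_id, "sRGB")
        unsafe_ok = True
    except sqlite3.OperationalError:
        # The quote ended the literal early and SQLite saw a rewritten,
        # now-invalid statement: the query structure was attacker-influenced.
        unsafe_ok = False
    # The bound-parameter version stores the same id verbatim, quote included.
    add_mapping_safe(conn, odd_id, "sRGB")
    row = conn.execute(
        "SELECT device_id FROM mappings WHERE device_id = ?", (odd_id,)
    ).fetchone()
    total = conn.execute("SELECT COUNT(*) FROM mappings").fetchone()[0]
    return unsafe_ok, row[0], total, is_valid_device_id(odd_id), is_valid_device_id("scanner-1")


if __name__ == "__main__":
    print(demo())
```

The unsafe path fails loudly here only because the injected quote produces a syntax error; with a statement that still parses, the same concatenation lets the id alter what the statement does, which is the corruption scenario the advisory describes. Binding parameters removes that possibility regardless of the id's contents, and the allowlist keeps odd identifiers out of the database entirely.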
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Freedesktop Colord | =0.1.10 | |
| Freedesktop Colord | =0.1.4 | |
| Freedesktop Colord | =0.1.8 | |
| Freedesktop Colord | =0.1.7 | |
| Freedesktop Colord | =0.1.12 | |
| Freedesktop Colord | =0.1.5 | |
| Freedesktop Colord | =0.1.13 | |
| Freedesktop Colord | =0.1.3 | |
| Freedesktop Colord | =0.1.2 | |
| Freedesktop Colord | =0.1.9 | |
| Freedesktop Colord | =0.1.6 | |
| Freedesktop Colord | =0.1.11 | |
| Freedesktop Colord | =0.1.0 | |
| Freedesktop Colord | <=0.1.14 | |
| Freedesktop Colord | =0.1.1 | |
| redhat/colord-0.1.15 | <1. | 1. |