CVE-2011-3150

Publication date 21 November 2011

Last updated 24 July 2024

Software Center in Ubuntu 11.10, 11.04 10.10 does not properly validate server certificates, which allows remote attackers to execute arbitrary code or obtain sensitive information via a man-in-the-middle (MITM) attack.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
software-center	11.10 oneiric	Fixed 5.0.2ubuntu0.1
	11.04 natty	Fixed 4.0.5ubuntu0.1
	10.10 maverick	Fixed 3.0.10ubuntu0.1
	10.04 LTS lucid	Not affected
	8.04 LTS hardy	Not in release

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-1270-1
Software Center vulnerability
21 November 2011

Other references

https://www.cve.org/CVERecord?id=CVE-2011-3150