CVE-2011-1165
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2011-1165
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2011-1165.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2011-1165
- Published
- 2013-03-12T23:55:01Z
- Modified
- 2025-04-11T02:52:29.646057Z
- Downstream
- Summary
- [none]
- Details
-
Vino, possibly before 3.2, does not properly document that it opens ports in UPnP routers when the "Configure network to automatically accept connections" setting is enabled, which might make it easier for remote attackers to perform further attacks.
- References
-
- http://rhn.redhat.com/errata/RHSA-2013-0169.html
- http://git.gnome.org/browse/vino/commit/?id=410bbf8e284409bdef02322af4d4a3a388419566
- https://bugzilla.gnome.org/show_bug.cgi?id=594521
- https://bugzilla.redhat.com/show_bug.cgi?id=678846
- http://www.dslreports.com/forum/r25446313-Ubuntu-computer-hijacked-by-hacker~start=40
- https://security-tracker.debian.org/tracker/CVE-2011-1165
Affected packages
Debian:11 / vino
Package
- Name
- vino
- Purl
- pkg:deb/debian/vino?arch=source
Debian:12 / vino
Package
- Name
- vino
- Purl
- pkg:deb/debian/vino?arch=source