{"id":"UBUNTU-CVE-2012-1096","details":"NetworkManager 0.9 and earlier allows local users to use other users' certificates or private keys when making a connection via the file path when adding a new connection.","modified":"2026-04-16T09:40:39.804702Z","published":"2020-03-10T17:15:00Z","upstream":["CVE-2012-1096"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2012-1096"},{"type":"REPORT","url":"http://www.openwall.com/lists/oss-security/2012/02/29/2"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2012-1096"}],"affected":[{"package":{"name":"network-manager","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/network-manager@1.2.6-0ubuntu0.16.04.3?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1.0.4-0ubuntu5","1.0.4-0ubuntu6","1.0.4-0ubuntu7","1.0.4-0ubuntu8","1.0.4-0ubuntu9","1.0.4-0ubuntu10","1.1.93-0ubuntu2","1.1.93-0ubuntu3","1.1.93-0ubuntu4","1.2.0-0ubuntu0.16.04.2","1.2.0-0ubuntu0.16.04.3","1.2.2-0ubuntu0.16.04.1","1.2.2-0ubuntu0.16.04.3","1.2.2-0ubuntu0.16.04.4","1.2.6-0ubuntu0.16.04.1","1.2.6-0ubuntu0.16.04.2","1.2.6-0ubuntu0.16.04.3"],"ecosystem_specific":{"binaries":[{"binary_name":"gir1.2-networkmanager-1.0","binary_version":"1.2.6-0ubuntu0.16.04.3"},{"binary_name":"libnm-dev","binary_version":"1.2.6-0ubuntu0.16.04.3"},{"binary_name":"libnm-glib-dev","binary_version":"1.2.6-0ubuntu0.16.04.3"},{"binary_name":"libnm-glib-vpn-dev","binary_version":"1.2.6-0ubuntu0.16.04.3"},{"binary_name":"libnm-glib-vpn1","binary_version":"1.2.6-0ubuntu0.16.04.3"},{"binary_name":"libnm-glib4","binary_version":"1.2.6-0ubuntu0.16.04.3"},{"binary_name":"libnm-util-dev","binary_version":"1.2.6-0ubuntu0.16.04.3"},{"binary_name":"libnm-util2","binary_version":"1.2.6-0ubuntu0.16.04.3"},{"binary_name":"libnm0","binary_version":"1.2.6-0ubuntu0.16.04.3"},{"binary_name":"network-manager","binary_version":"1.2.6-0ubuntu0.16.04.3"},{"binary_name":"network-manager-dev","binary_version":"1.2.6-0ubuntu0.16.04.3"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2012/UBUNTU-CVE-2012-1096.json"}},{"package":{"name":"network-manager","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/network-manager@1.10.14-0ubuntu2?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1.8.4-1ubuntu3","1.8.4-1ubuntu4","1.10.4-1ubuntu2","1.10.4-1ubuntu3","1.10.6-2ubuntu1","1.10.6-2ubuntu1.1","1.10.6-2ubuntu1.2","1.10.6-2ubuntu1.4","1.10.14-0ubuntu2"],"ecosystem_specific":{"binaries":[{"binary_name":"gir1.2-networkmanager-1.0","binary_version":"1.10.14-0ubuntu2"},{"binary_name":"gir1.2-nm-1.0","binary_version":"1.10.14-0ubuntu2"},{"binary_name":"libnm-dev","binary_version":"1.10.14-0ubuntu2"},{"binary_name":"libnm-glib-dev","binary_version":"1.10.14-0ubuntu2"},{"binary_name":"libnm-glib-vpn-dev","binary_version":"1.10.14-0ubuntu2"},{"binary_name":"libnm-glib-vpn1","binary_version":"1.10.14-0ubuntu2"},{"binary_name":"libnm-glib4","binary_version":"1.10.14-0ubuntu2"},{"binary_name":"libnm-util-dev","binary_version":"1.10.14-0ubuntu2"},{"binary_name":"libnm-util2","binary_version":"1.10.14-0ubuntu2"},{"binary_name":"libnm0","binary_version":"1.10.14-0ubuntu2"},{"binary_name":"network-manager","binary_version":"1.10.14-0ubuntu2"},{"binary_name":"network-manager-config-connectivity-debian","binary_version":"1.10.14-0ubuntu2"},{"binary_name":"network-manager-config-connectivity-ubuntu","binary_version":"1.10.14-0ubuntu2"},{"binary_name":"network-manager-dev","binary_version":"1.10.14-0ubuntu2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2012/UBUNTU-CVE-2012-1096.json"}},{"package":{"name":"network-manager","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/network-manager@1.22.10-1ubuntu2.4?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1.20.4-2ubuntu2","1.20.4-2ubuntu3","1.20.8-1ubuntu2","1.22.4-1ubuntu2","1.22.8-1ubuntu1","1.22.10-1ubuntu1","1.22.10-1ubuntu2.1","1.22.10-1ubuntu2.2","1.22.10-1ubuntu2.3","1.22.10-1ubuntu2.4"],"ecosystem_specific":{"binaries":[{"binary_name":"gir1.2-nm-1.0","binary_version":"1.22.10-1ubuntu2.4"},{"binary_name":"libnm-dev","binary_version":"1.22.10-1ubuntu2.4"},{"binary_name":"libnm0","binary_version":"1.22.10-1ubuntu2.4"},{"binary_name":"network-manager","binary_version":"1.22.10-1ubuntu2.4"},{"binary_name":"network-manager-config-connectivity-debian","binary_version":"1.22.10-1ubuntu2.4"},{"binary_name":"network-manager-config-connectivity-ubuntu","binary_version":"1.22.10-1ubuntu2.4"},{"binary_name":"network-manager-dev","binary_version":"1.22.10-1ubuntu2.4"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2012/UBUNTU-CVE-2012-1096.json"}},{"package":{"name":"network-manager","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/network-manager@1.36.6-0ubuntu2.4?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1.32.12-0ubuntu1","1.32.12-0ubuntu2","1.34.0-2ubuntu3","1.35.90-0ubuntu1","1.35.91-0ubuntu1","1.35.92-1ubuntu1","1.36.0-1ubuntu2","1.36.2-1ubuntu1","1.36.4-1ubuntu1","1.36.4-2ubuntu1","1.36.6-0ubuntu1","1.36.6-0ubuntu2","1.36.6-0ubuntu2.1","1.36.6-0ubuntu2.2","1.36.6-0ubuntu2.3","1.36.6-0ubuntu2.4"],"ecosystem_specific":{"binaries":[{"binary_name":"gir1.2-nm-1.0","binary_version":"1.36.6-0ubuntu2.4"},{"binary_name":"libnm-dev","binary_version":"1.36.6-0ubuntu2.4"},{"binary_name":"libnm0","binary_version":"1.36.6-0ubuntu2.4"},{"binary_name":"network-manager","binary_version":"1.36.6-0ubuntu2.4"},{"binary_name":"network-manager-config-connectivity-debian","binary_version":"1.36.6-0ubuntu2.4"},{"binary_name":"network-manager-config-connectivity-ubuntu","binary_version":"1.36.6-0ubuntu2.4"},{"binary_name":"network-manager-dev","binary_version":"1.36.6-0ubuntu2.4"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2012/UBUNTU-CVE-2012-1096.json"}},{"package":{"name":"network-manager","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/network-manager@1.46.0-1ubuntu2.7?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1.44.2-1ubuntu1","1.44.2-1ubuntu1.1","1.44.2-1ubuntu2","1.44.2-7ubuntu1","1.45.90-1ubuntu1","1.45.90-1ubuntu3","1.46.0-1ubuntu2","1.46.0-1ubuntu2.2","1.46.0-1ubuntu2.3","1.46.0-1ubuntu2.4","1.46.0-1ubuntu2.5","1.46.0-1ubuntu2.6","1.46.0-1ubuntu2.7"],"ecosystem_specific":{"binaries":[{"binary_name":"gir1.2-nm-1.0","binary_version":"1.46.0-1ubuntu2.7"},{"binary_name":"libnm-dev","binary_version":"1.46.0-1ubuntu2.7"},{"binary_name":"libnm0","binary_version":"1.46.0-1ubuntu2.7"},{"binary_name":"network-manager","binary_version":"1.46.0-1ubuntu2.7"},{"binary_name":"network-manager-config-connectivity-debian","binary_version":"1.46.0-1ubuntu2.7"},{"binary_name":"network-manager-config-connectivity-ubuntu","binary_version":"1.46.0-1ubuntu2.7"},{"binary_name":"network-manager-dev","binary_version":"1.46.0-1ubuntu2.7"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2012/UBUNTU-CVE-2012-1096.json"}},{"package":{"name":"network-manager","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/network-manager@1.52.0-1ubuntu3.4?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1.52.0-1ubuntu1","1.52.0-1ubuntu3","1.52.0-1ubuntu3.1","1.52.0-1ubuntu3.2","1.52.0-1ubuntu3.3","1.52.0-1ubuntu3.4"],"ecosystem_specific":{"binaries":[{"binary_name":"gir1.2-nm-1.0","binary_version":"1.52.0-1ubuntu3.4"},{"binary_name":"libnm-dev","binary_version":"1.52.0-1ubuntu3.4"},{"binary_name":"libnm0","binary_version":"1.52.0-1ubuntu3.4"},{"binary_name":"network-manager","binary_version":"1.52.0-1ubuntu3.4"},{"binary_name":"network-manager-config-connectivity-debian","binary_version":"1.52.0-1ubuntu3.4"},{"binary_name":"network-manager-config-connectivity-ubuntu","binary_version":"1.52.0-1ubuntu3.4"},{"binary_name":"network-manager-dev","binary_version":"1.52.0-1ubuntu3.4"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2012/UBUNTU-CVE-2012-1096.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"type":"Ubuntu","score":"low"}]}