{"id":"UBUNTU-CVE-2015-1322","details":"Directory traversal vulnerability in the Ubuntu network-manager package for Ubuntu (vivid) before 0.9.10.0-4ubuntu15.1, Ubuntu 14.10 before 0.9.8.8-0ubuntu28.1, and Ubuntu 14.04 LTS before 0.9.8.8-0ubuntu7.1 allows local users to change the modem device configuration or read arbitrary files via a .. (dot dot) in the file name in a request to read modem device contexts (com.canonical.NMOfono.ReadImsiContexts).","modified":"2026-02-04T03:00:07.506343Z","published":"2015-04-28T00:00:00Z","related":["USN-2581-1"],"upstream":["CVE-2015-1322"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-1322"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-2581-1"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2015-1322"}],"affected":[{"package":{"name":"network-manager","ecosystem":"Ubuntu:14.04:LTS","purl":"pkg:deb/ubuntu/network-manager@0.9.8.8-0ubuntu7.1?arch=source&distro=trusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.9.8.8-0ubuntu7.1"}]}],"versions":["0.9.8.0-0ubuntu22","0.9.8.4-0ubuntu3","0.9.8.8-0ubuntu1","0.9.8.8-0ubuntu4","0.9.8.8-0ubuntu5","0.9.8.8-0ubuntu7"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"gir1.2-networkmanager-1.0","binary_version":"0.9.8.8-0ubuntu7.1"},{"binary_name":"libnm-glib-dev","binary_version":"0.9.8.8-0ubuntu7.1"},{"binary_name":"libnm-glib-vpn-dev","binary_version":"0.9.8.8-0ubuntu7.1"},{"binary_name":"libnm-glib-vpn1","binary_version":"0.9.8.8-0ubuntu7.1"},{"binary_name":"libnm-glib4","binary_version":"0.9.8.8-0ubuntu7.1"},{"binary_name":"libnm-util-dev","binary_version":"0.9.8.8-0ubuntu7.1"},{"binary_name":"libnm-util2","binary_version":"0.9.8.8-0ubuntu7.1"},{"binary_name":"network-manager","binary_version":"0.9.8.8-0ubuntu7.1"},{"binary_name":"network-manager-dev","binary_version":"0.9.8.8-0ubuntu7.1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2015/UBUNTU-CVE-2015-1322.json"}}],"schema_version":"1.7.3","severity":[{"type":"Ubuntu","score":"medium"}]}