UBUNTU-CVE-2014-3204

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2014-3204

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2014/UBUNTU-CVE-2014-3204.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2014-3204

Upstream

CVE-2014-3204

Related

USN-2184-1

Published

2014-05-06T14:55:00Z

Modified

2026-04-22T09:39:20.575695Z

Severity

Ubuntu - medium

Summary

[none]

Details

Unity before 7.2.1, as used in Ubuntu 14.04, does not properly handle keyboard shortcuts, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by right-clicking on the indicator bar and then pressing the ALT and F2 keys.

References

Affected packages

Ubuntu:14.04:LTS / unity

Package

Name: unity
Purl: pkg:deb/ubuntu/unity@7.2.0+14.04.20140423-0ubuntu1.1?arch=source&distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2.0+14.04.20140423-0ubuntu1.1

Affected versions

7.*

7.1.2+13.10.20131014.1-0ubuntu1

7.1.2+14.04.20131106.1-0ubuntu1

7.1.2+14.04.20131106.1-0ubuntu2

7.1.2+14.04.20131106.1-0ubuntu4

7.1.2+14.04.20131106.1-0ubuntu5

7.1.2+14.04.20140214.1-0ubuntu1

7.1.2+14.04.20140217-0ubuntu1

7.1.2+14.04.20140218.1-0ubuntu1

7.1.2+14.04.20140218.1-0ubuntu2

7.1.2+14.04.20140220-0ubuntu1

7.1.2+14.04.20140228-0ubuntu1

7.1.2+14.04.20140303-0ubuntu1

7.1.2+14.04.20140305-0ubuntu1

7.1.2+14.04.20140311-0ubuntu1

7.1.2+14.04.20140312-0ubuntu1

7.1.2+14.04.20140313-0ubuntu1

7.1.2+14.04.20140318-0ubuntu1

7.1.2+14.04.20140320.1-0ubuntu1

7.1.2+14.04.20140321-0ubuntu1

7.1.2+14.04.20140328.1-0ubuntu1

7.2.0+14.04.20140402-0ubuntu1

7.2.0+14.04.20140403-0ubuntu1

7.2.0+14.04.20140404-0ubuntu1

7.2.0+14.04.20140410-0ubuntu1

7.2.0+14.04.20140410.1-0ubuntu1

7.2.0+14.04.20140411-0ubuntu1

7.2.0+14.04.20140414.1-0ubuntu1

7.2.0+14.04.20140416-0ubuntu1

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "libunity-2d-private0",
            "binary_version": "7.2.0+14.04.20140423-0ubuntu1.1"
        },
        {
            "binary_name": "libunity-core-6.0-9",
            "binary_version": "7.2.0+14.04.20140423-0ubuntu1.1"
        },
        {
            "binary_name": "unity",
            "binary_version": "7.2.0+14.04.20140423-0ubuntu1.1"
        },
        {
            "binary_name": "unity-2d",
            "binary_version": "7.2.0+14.04.20140423-0ubuntu1.1"
        },
        {
            "binary_name": "unity-2d-common",
            "binary_version": "7.2.0+14.04.20140423-0ubuntu1.1"
        },
        {
            "binary_name": "unity-2d-panel",
            "binary_version": "7.2.0+14.04.20140423-0ubuntu1.1"
        },
        {
            "binary_name": "unity-2d-shell",
            "binary_version": "7.2.0+14.04.20140423-0ubuntu1.1"
        },
        {
            "binary_name": "unity-2d-spread",
            "binary_version": "7.2.0+14.04.20140423-0ubuntu1.1"
        },
        {
            "binary_name": "unity-autopilot",
            "binary_version": "7.2.0+14.04.20140423-0ubuntu1.1"
        },
        {
            "binary_name": "unity-services",
            "binary_version": "7.2.0+14.04.20140423-0ubuntu1.1"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2014/UBUNTU-CVE-2014-3204.json"