VYPR
Unrated severityNVD Advisory· Published Oct 3, 2013· Updated Jun 16, 2026

CVE-2013-1064

CVE-2013-1064

Description

apt-xapian-index before 0.45ubuntu2.1, 0.44ubuntu7.1, and 0.44ubuntu5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8
  • cpe:2.3:a:canonical:apt-xapian-index:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:canonical:apt-xapian-index:*:*:*:*:*:*:*:*range: >=0.45ubuntu1,<0.45ubuntu2.1
    • cpe:2.3:a:canonical:apt-xapian-index:0.44ubuntu5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:canonical:apt-xapian-index:0.44ubuntu7.1:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*+ 2 more
    • cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*
  • Range: 0.45ubuntu2.1, 0.44ubuntu7.1, 0.44ubuntu5.1
  • Range: 0.45ubuntu2.1, 0.44ubuntu7.1, 0.44ubuntu5.1

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.