*** This bug is a security vulnerability ***
Public security bug reported:
Binary package hint: vinagre
I found this by accident while remotely *viewing* a desktop session.
I discovered that whenever I copy something (text mode) in memory (ie
press CTRL+C) and the remote desktop viewer just happens to be doing a
paste operation (ie CTRL+V in text mode) the remote user will instead
paste whatever is in MY memory. If I do the pasting, and the remote user
just did a copy command, I will get his copy of text instead.
This happened using 64-bit Intrepid machines, remote desktop user was
copying text from a browser into oowriter while I'm copying text from a
gedit session.
I assumed that while I'm on a "view only" session of Vinagre, I don't
interact in any way with the remote desktop except to see what's on
their screen. I believe that this is a security issue, or at least
concerns privacy.
Ubuntu: 64-bit Intrepid 8.10
Vinagre: 2.24.1-0ubuntu1.1
** Affects: vinagre (Ubuntu)
Importance: Undecided
Status: New
** Visibility changed to: Public
--
vinagre session - "shares" memory when doing copy/paste
https://bugs.launchpad.net/bugs/344042
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
