Clicking Time and selecting top menu item (current date) launches evolution configuration wizard
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
unity-greeter (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
On the Ubuntu login screen (unity-greeter), at the top of the screen are several widgets for accessibility, etc, and there is also a clock display. Clicking the clock drops down a menu displaying the current date and a calendar. I have discovered that if you click on the current date (i.e. first item in the menu), then evolution is launched and goes through the set-up steps, including asking for your email address, etc.
Although I haven't gone through the set-up steps, it is conceivable that you could enter your email details (e.g. pop server) and download messages, which could contain executable attachments, which you could then launch to gain access to the system (as lightdm user) without ever logging in.
I apologise if I have classified this bug incorrectly. I chose unity-greeter because it seemed the most relevant package for something that seems to be a flaw with the login screen itself.
ProblemType: Bug
DistroRelease: Ubuntu 13.10
Package: unity-greeter 13.10.3-0ubuntu1
ProcVersionSign
Uname: Linux 3.11.0-13-generic x86_64
ApportVersion: 2.12.5-0ubuntu2.1
Architecture: amd64
Date: Thu Nov 21 20:50:27 2013
InstallationDate: Installed on 2013-05-09 (195 days ago)
InstallationMedia: Ubuntu 13.04 "Raring Ringtail" - Release amd64 (20130424)
MarkForUpload: True
SourcePackage: unity-greeter
UpgradeStatus: Upgraded to saucy on 2013-10-27 (25 days ago)
information type: | Private Security → Public Security |
tags: | added: rls-t-incoming |