Canonical · Ubiquity-Slideshow-Ubuntu · CVE-2012-0956
**Name of the Vulnerable Software and Affected Versions**
ubiquity-slideshow-ubuntu versions before 58.2
**Description**
The issue allows remote man-in-the-middle attackers to execute arbitrary web script or HTML and read arbitrary files via a crafted attribute in the <a> tag of a Twitter feed during installation.
**Recommendations**
For versions before 58.2, update to version 58.2 or later to resolve the issue.