CVE-2012-0863

Name of the Vulnerable Software and Affected Versions Mumble versions 1.2.3 and earlier

Description The issue allows local users to potentially obtain cleartext passwords and configuration data by reading a file due to world-readable permissions for .local/share/data/Mumble/.mumble.sqlite files in home directories.

Recommendations For versions 1.2.3 and earlier, consider changing the permissions of the .mumble.sqlite file to restrict access and prevent unauthorized reading. As a temporary workaround, restrict access to the .local/share/data/Mumble/ directory until a fix is applied.