View at Official ubuntu advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2011-1165 low priority: Ubuntu including 1 source packages (vino), 9 status rows across 9 suites (hardy, lucid, maverick, natty, oneiric, precise, quantal, raring, upstream): ignored 4, not-affected 4, needs-triage 1.
Vino, possibly before 3.2, does not properly document that it opens ports in UPnP routers when the "Configure network to automatically accept connections" setting is enabled, which might make it easier for remote attackers to perform further attacks.