Lucene search

[email protected]CVE-2008-0302

HistoryJan 17, 2008 - 2:00 a.m.

CVE-2008-0302

2008-01-1702:00:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2008-0302

nvd

vulnerability

apt-listchanges

untrusted search path

6.7 Medium

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

Untrusted search path vulnerability in apt-listchanges.py in apt-listchanges before 2.82 allows local users to execute arbitrary code via a malicious apt-listchanges program in the current working directory.

CPENameOperatorVersion
debian:apt-listchangesdebian apt-listchangesle2.81

CPE	Name	Operator	Version
debian:apt-listchanges	debian apt-listchanges	le	2.81

References

git.madism.org/?p=apt-listchanges.git%3Ba=commitdiff%3Bh=1bcfbf3dc55413bb83a1782dc9a54515a963fb32

packages.debian.org/changelogs/pool/main/a/apt-listchanges/apt-listchanges_2.82/changelog

secunia.com/advisories/28513

secunia.com/advisories/28574

www.debian.org/security/2008/dsa-1465

www.securityfocus.com/bid/27331

www.ubuntu.com/usn/usn-572-1

Social References

6.7 Medium

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2008-0302

openvas6 debiancve1 nessus2 osv1 prion1 securityvulns2 debian2 ubuntu1 cvelist1 ubuntucve1