CVE-2009-4014

2010-02-0216:30:00

CWE-134

[email protected]

web.nvd.nist.gov

cve-2009-4014

lintian

format string vulnerability

remote attackers

security

nvd

6.7 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.019 Low

EPSS

Percentile

88.6%

JSON

Multiple format string vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allow remote attackers to have an unspecified impact via vectors involving (1) check scripts and (2) the Lintian::Schedule module.

CPENameOperatorVersion
debian:lintiandebian lintianeq2.2.1
debian:lintiandebian lintianeq2.2.6
debian:lintiandebian lintianeq2.2.11
debian:lintiandebian lintianeq2.1.3
debian:lintiandebian lintianeq1.23.1
debian:lintiandebian lintianeq2.1.1
debian:lintiandebian lintianeq1.23.0
debian:lintiandebian lintianeq1.23.3
debian:lintiandebian lintianeq1.23.28
debian:lintiandebian lintianeq1.23.23

CPE	Name	Operator	Version
debian:lintian	debian lintian	eq	2.2.1
debian:lintian	debian lintian	eq	2.2.6
debian:lintian	debian lintian	eq	2.2.11
debian:lintian	debian lintian	eq	2.1.3
debian:lintian	debian lintian	eq	1.23.1
debian:lintian	debian lintian	eq	2.1.1
debian:lintian	debian lintian	eq	1.23.0
debian:lintian	debian lintian	eq	1.23.3
debian:lintian	debian lintian	eq	1.23.28
debian:lintian	debian lintian	eq	1.23.23