Lucene search
HistoryNov 03, 2014 - 10:55 p.m.
CVE-2014-0489
apt
code execution
cve-2014-0489
security vulnerability
checksum validation
7.2 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.027 Low
EPSS
Percentile
90.2%
APT before 1.0.9, when the Acquire::GzipIndexes option is enabled, does not validate checksums, which allows remote attackers to execute arbitrary code via a crafted package.
Related
prion
prion
Code injection
2014-11-03 22:55:00
ubuntucve
ubuntucve
CVE-2014-0489
2014-09-16 00:00:00
debiancve
debiancve
CVE-2014-0489
2014-11-03 22:55:00
nessus
nessus
Debian DLA-53-1 : apt security update
2015-03-26 00:00:00
Debian DSA-3025-1 : apt - security update
2014-09-17 00:00:00
Ubuntu 14.04 LTS : APT vulnerabilities (USN-2348-1)
2014-09-17 00:00:00
osv
osv
apt - security update
2014-09-03 00:00:00
apt - security update
2014-09-16 00:00:00
debian
debian
[SECURITY] [DLA 53-1] apt security update
2014-09-16 16:51:00
[SECURITY] [DSA 3025-2] apt regression update
2014-09-18 20:30:42
[SECURITY] [DSA 3025-2] apt regression update
2014-09-18 20:30:42
openvas
openvas
Ubuntu Update for apt USN-2348-1
2014-09-17 00:00:00
Debian Security Advisory DSA 3025-1 (apt - security update)
2014-09-16 00:00:00
Debian Security Advisory DSA 3025-1 (apt - security update)
2014-09-16 00:00:00
securityvulns
securityvulns
[USN-2348-1] APT vulnerabilities
2014-09-21 00:00:00
apt multiple security vulnerabilities
2014-09-25 00:00:00
ubuntu
ubuntu
APT vulnerabilities
2014-09-16 00:00:00
7.2 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.027 Low
EPSS
Percentile
90.2%
Related for CVE-2014-0489