Lucene search
HistoryNov 03, 2014 - 10:55 p.m.
CVE-2014-0490
cve-2014-0490
apt-get
apt
signature validation
code execution
nvd
7.4 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.027 Low
EPSS
Percentile
90.2%
The apt-get download command in APT before 1.0.9 does not properly validate signatures for packages, which allows remote attackers to execute arbitrary code via a crafted package.
Related
ubuntucve
ubuntucve
CVE-2014-0490
2014-09-16 00:00:00
debiancve
debiancve
CVE-2014-0490
2014-11-03 22:55:00
prion
prion
Command injection
2014-11-03 22:55:00
ubuntu
ubuntu
APT vulnerabilities
2014-09-16 00:00:00
debian
debian
[SECURITY] [DSA 3025-1] apt security update
2014-09-16 16:30:05
[SECURITY] [DSA 3025-1] apt security update
2014-09-16 16:30:05
[SECURITY] [DSA 3025-2] apt regression update
2014-09-18 20:30:42
openvas
openvas
Ubuntu Update for apt USN-2348-1
2014-09-17 00:00:00
Debian Security Advisory DSA 3025-1 (apt - security update)
2014-09-16 00:00:00
Debian Security Advisory DSA 3025-1 (apt - security update)
2014-09-16 00:00:00
securityvulns
securityvulns
[USN-2348-1] APT vulnerabilities
2014-09-21 00:00:00
apt multiple security vulnerabilities
2014-09-25 00:00:00
nessus
nessus
Debian DSA-3025-1 : apt - security update
2014-09-17 00:00:00
Ubuntu 14.04 LTS : APT vulnerabilities (USN-2348-1)
2014-09-17 00:00:00
osv
osv
apt - security update
2014-09-16 00:00:00
7.4 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.027 Low
EPSS
Percentile
90.2%
Related for CVE-2014-0490