6 matches found
SUSE CVE-2012-2241
scripts/dget.pl in devscripts before 2.12.3 allows remote attackers to delete arbitrary files via a crafted 1 .dsc or 2 .changes file, probably related to a NULL byte in a filename...
SUSE CVE-2015-0840
The dpkg-source command in Debian dpkg before 1.16.16 and 1.17.x before 1.17.25 allows remote attackers to bypass signature verification via a crafted Debian source control file .dsc...
DEBIAN-CVE-2012-2242
scripts/dget.pl in devscripts before 2.10.73 allows remote attackers to execute arbitrary commands via a crafted 1 .dsc or 2 .changes file, related to "arguments to external commands" that are not properly escaped, a different vulnerability than CVE-2012-2240...
CVE-2012-2242
scripts/dget.pl in devscripts before 2.10.73 allows remote attackers to execute arbitrary commands via a crafted 1 .dsc or 2 .changes file, related to "arguments to external commands" that are not properly escaped, a different vulnerability than CVE-2012-2240...
CVE-2012-0210
debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to obtain system information and execute arbitrary code via the file name in a 1 .dsc or 2 .changes file...
CVE-2012-0210
debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to obtain system information and execute arbitrary code via the file name in a 1 .dsc or 2 .changes file...