Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2014-3227
HistoryMay 30, 2014 - 12:00 a.m.

CVE-2014-3227

2014-05-3000:00:00
ubuntu.com
ubuntu.com
10

0.005 Low

EPSS

Percentile

75.4%

JSON

dpkg 1.15.9, 1.16.x before 1.16.14, and 1.17.x before 1.17.9 expect the
patch program to be compliant with a need for the “C-style encoded
filenames” feature, but is supported in environments with noncompliant
patch programs, which triggers an interaction error that allows remote
attackers to conduct directory traversal attacks and modify files outside
of the intended directories via a crafted source package. NOTE: this
vulnerability exists because of reliance on unrealistic constraints on the
behavior of an external program.

OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchdpkg< 1.15.5.6ubuntu4.8UNKNOWN
ubuntu12.04noarchdpkg< 1.16.1.2ubuntu7.4UNKNOWN
ubuntu13.10noarchdpkg< 1.16.7ubuntu6.2UNKNOWN
ubuntu14.04noarchdpkg< 1.16.12ubuntu1.2UNKNOWN

Related

debiancve 1
cvelist 1
cve 1
prion 1
osv 1
openvas 1
securityvulns 1
debiancve
debiancve
CVE-2014-3227
2014-05-30 18:55:00
cvelist
cvelist
CVE-2014-3227
2014-05-30 18:00:00
cve
cve
CVE-2014-3227
2014-05-30 18:55:00
prion
prion
Directory traversal
2014-05-30 18:55:00
osv
osv
dpkg - security update
2014-04-28 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-2915-2)
2014-04-27 00:00:00
securityvulns
securityvulns
[oss-security] Re: CVE request: another path traversal in dpkg-source during unpack
2014-06-13 00:00:00

0.005 Low

EPSS

Percentile

75.4%

JSON
Related for UB:CVE-2014-3227
debiancve1cvelist1cve1prion1osv1openvas1securityvulns1