5

CVE-2012-2241

scripts/dget.pl in devscripts before 2.12.3 allows remote attackers to delete arbitrary files via a crafted (1) .dsc or (2) .changes file, probably related to a NULL byte in a filename.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Devscripts Devel TeamDevscripts Version <= 2.12.2
Devscripts Devel TeamDevscripts Version2.8.14
Devscripts Devel TeamDevscripts Version2.9.21
Devscripts Devel TeamDevscripts Version2.9.22
Devscripts Devel TeamDevscripts Version2.9.23
Devscripts Devel TeamDevscripts Version2.9.24
Devscripts Devel TeamDevscripts Version2.9.25
Devscripts Devel TeamDevscripts Version2.9.26 Updateetch1
Devscripts Devel TeamDevscripts Version2.9.26 Updateetch2
Devscripts Devel TeamDevscripts Version2.9.26 Updateetch4
Devscripts Devel TeamDevscripts Version2.9.26 Updateetch5
Devscripts Devel TeamDevscripts Version2.9.27
Devscripts Devel TeamDevscripts Version2.10.0
Devscripts Devel TeamDevscripts Version2.10.1
Devscripts Devel TeamDevscripts Version2.10.3
Devscripts Devel TeamDevscripts Version2.10.6
Devscripts Devel TeamDevscripts Version2.10.7
Devscripts Devel TeamDevscripts Version2.10.8
Devscripts Devel TeamDevscripts Version2.10.9
Devscripts Devel TeamDevscripts Version2.10.10
Devscripts Devel TeamDevscripts Version2.10.11
Devscripts Devel TeamDevscripts Version2.10.12
Devscripts Devel TeamDevscripts Version2.10.13
Devscripts Devel TeamDevscripts Version2.10.14
Devscripts Devel TeamDevscripts Version2.10.15
Devscripts Devel TeamDevscripts Version2.10.16
Devscripts Devel TeamDevscripts Version2.10.17
Devscripts Devel TeamDevscripts Version2.10.18
Devscripts Devel TeamDevscripts Version2.10.18.1
Devscripts Devel TeamDevscripts Version2.10.19
Devscripts Devel TeamDevscripts Version2.10.20
Devscripts Devel TeamDevscripts Version2.10.21
Devscripts Devel TeamDevscripts Version2.10.22
Devscripts Devel TeamDevscripts Version2.10.23
Devscripts Devel TeamDevscripts Version2.10.24
Devscripts Devel TeamDevscripts Version2.10.25
Devscripts Devel TeamDevscripts Version2.10.26
Devscripts Devel TeamDevscripts Version2.10.27
Devscripts Devel TeamDevscripts Version2.10.28
Devscripts Devel TeamDevscripts Version2.10.29
Devscripts Devel TeamDevscripts Version2.10.30
Devscripts Devel TeamDevscripts Version2.10.31
Devscripts Devel TeamDevscripts Version2.10.32
Devscripts Devel TeamDevscripts Version2.10.33
Devscripts Devel TeamDevscripts Version2.10.34
Devscripts Devel TeamDevscripts Version2.10.35
Devscripts Devel TeamDevscripts Version2.10.36
Devscripts Devel TeamDevscripts Version2.10.38
Devscripts Devel TeamDevscripts Version2.10.39
Devscripts Devel TeamDevscripts Version2.10.40
Devscripts Devel TeamDevscripts Version2.10.41
Devscripts Devel TeamDevscripts Version2.10.42
Devscripts Devel TeamDevscripts Version2.10.43
Devscripts Devel TeamDevscripts Version2.10.44
Devscripts Devel TeamDevscripts Version2.10.45
Devscripts Devel TeamDevscripts Version2.10.46
Devscripts Devel TeamDevscripts Version2.10.47
Devscripts Devel TeamDevscripts Version2.10.48
Devscripts Devel TeamDevscripts Version2.10.49
Devscripts Devel TeamDevscripts Version2.10.50
Devscripts Devel TeamDevscripts Version2.10.51
Devscripts Devel TeamDevscripts Version2.10.52
Devscripts Devel TeamDevscripts Version2.10.53
Devscripts Devel TeamDevscripts Version2.10.54
Devscripts Devel TeamDevscripts Version2.10.55
Devscripts Devel TeamDevscripts Version2.10.56
Devscripts Devel TeamDevscripts Version2.10.57
Devscripts Devel TeamDevscripts Version2.10.58
Devscripts Devel TeamDevscripts Version2.10.59
Devscripts Devel TeamDevscripts Version2.10.60
Devscripts Devel TeamDevscripts Version2.10.61
Devscripts Devel TeamDevscripts Version2.10.62
Devscripts Devel TeamDevscripts Version2.10.63
Devscripts Devel TeamDevscripts Version2.10.64
Devscripts Devel TeamDevscripts Version2.10.65.1
Devscripts Devel TeamDevscripts Version2.10.66
Devscripts Devel TeamDevscripts Version2.10.67
Devscripts Devel TeamDevscripts Version2.10.68
Devscripts Devel TeamDevscripts Version2.11.0
Devscripts Devel TeamDevscripts Version2.11.1
Devscripts Devel TeamDevscripts Version2.11.2
Devscripts Devel TeamDevscripts Version2.11.3
Devscripts Devel TeamDevscripts Version2.11.4
Devscripts Devel TeamDevscripts Version2.11.5
Devscripts Devel TeamDevscripts Version2.11.6
Devscripts Devel TeamDevscripts Version2.11.7
Devscripts Devel TeamDevscripts Version2.11.8
Devscripts Devel TeamDevscripts Version2.11.9
Devscripts Devel TeamDevscripts Version2.12.0
Devscripts Devel TeamDevscripts Version2.12.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.51% 0.71
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:P/A:N
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.ubuntu.com/usn/USN-1593-1
http://secunia.com/advisories/50600
Vendor Advisory
http://www.debian.org/security/2012/dsa-2549
Vendor Advisory
http://www.securityfocus.com/bid/55564
http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git%3Ba=commitdiff%3Bh=0fd15bdec07b085f9ef438dacd18e159ac60b810
https://exchange.xforce.ibmcloud.com/vulnerabilities/78977