Vulnerability Details CVE-2008-0302
Untrusted search path vulnerability in apt-listchanges.py in apt-listchanges before 2.82 allows local users to execute arbitrary code via a malicious apt-listchanges program in the current working directory.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 23.7%
CVSS Severity
CVSS v2 Score 7.2
References
- http://git.madism.org/?p=apt-listchanges.git%3Ba=commitdiff%3Bh=1bcfbf3dc55413bb83a1782dc9a54515a963fb32
- http://packages.debian.org/changelogs/pool/main/a/apt-listchanges/apt-listchanges_2.82/changelog
- http://secunia.com/advisories/28513
- http://secunia.com/advisories/28574
- http://www.debian.org/security/2008/dsa-1465
- http://www.securityfocus.com/bid/27331
- http://www.ubuntu.com/usn/usn-572-1
- http://git.madism.org/?p=apt-listchanges.git%3Ba=commitdiff%3Bh=1bcfbf3dc55413bb83a1782dc9a54515a963fb32
- http://packages.debian.org/changelogs/pool/main/a/apt-listchanges/apt-listchanges_2.82/changelog
- http://secunia.com/advisories/28513
- http://secunia.com/advisories/28574
- http://www.debian.org/security/2008/dsa-1465
- http://www.securityfocus.com/bid/27331
- http://www.ubuntu.com/usn/usn-572-1
Products affected by CVE-2008-0302
-
cpe:2.3:a:debian:apt-listchanges:-
-
cpe:2.3:a:debian:apt-listchanges:2.81