CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2013-1051

apt 0.8.16, 0.9.7, and possibly other versions does not properly handle InRelease files, which allows man-in-the-middle attackers to modify packages before installation via unknown vectors, possibly related to integrity checking and the use of third-party repositories.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 33.2%

CVSS Severity

CVSS v2 Score 4.3

References

http://osvdb.org/91428
http://secunia.com/advisories/52633
http://www.ubuntu.com/usn/USN-1762-1
http://osvdb.org/91428
http://secunia.com/advisories/52633
http://www.ubuntu.com/usn/USN-1762-1

Products affected by CVE-2013-1051

Debian » Advanced Package Tool » Version: 0.8.16

cpe:2.3:a:debian:advanced_package_tool:0.8.16
Debian » Apt » Version: 0.9.7

cpe:2.3:a:debian:apt:0.9.7
Canonical » Ubuntu Linux » Version: 11.10

cpe:2.3:o:canonical:ubuntu_linux:11.10
Canonical » Ubuntu Linux » Version: 12.04

cpe:2.3:o:canonical:ubuntu_linux:12.04
Canonical » Ubuntu Linux » Version: 12.10

cpe:2.3:o:canonical:ubuntu_linux:12.10

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-1051

Products

Pricing

Contact Us