CVE-2008-0302

Untrusted search path vulnerability in apt-listchanges.py in apt-listchanges before 2.82 allows local users to execute arbitrary code via a malicious apt-listchanges program in the current working directory.
Code Injection
Severity
UNKNOWN
AV:L/AC:L/Au:N/C:C/I:C/A:C
Atk. Vector
LOCAL
Atk. Complexity
LOW
Base Score
CVSS 3.x
EPSS Score
Percentile: 5%
VendorProductVersion
debianapt-listchanges
𝑥
≤ 2.81
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
apt-listchanges
bookworm
3.24
fixed
bullseye
3.24
fixed
sarge
not-affected
sid
4.8
fixed
trixie
4.8
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
apt-listchanges
gutsy
Fixed 2.74ubuntu3.1
released
feisty
Fixed 2.72ubuntu6.1
released
edgy
not-affected
dapper
not-affected