CVE-2009-4014 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.5 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:N/C:P/I:P/A:P
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 82%

Vendor	Product	Version
debian	lintian	1.23.0
debian	lintian	1.23.1
debian	lintian	1.23.2
debian	lintian	1.23.3
debian	lintian	1.23.4
debian	lintian	1.23.5
debian	lintian	1.23.6
debian	lintian	1.23.7
debian	lintian	1.23.8
debian	lintian	1.23.9
debian	lintian	1.23.10
debian	lintian	1.23.11
debian	lintian	1.23.12
debian	lintian	1.23.13
debian	lintian	1.23.14
debian	lintian	1.23.15
debian	lintian	1.23.16
debian	lintian	1.23.17
debian	lintian	1.23.18
debian	lintian	1.23.19
debian	lintian	1.23.20
debian	lintian	1.23.22
debian	lintian	1.23.23
debian	lintian	1.23.24
debian	lintian	1.23.25
debian	lintian	1.23.26
debian	lintian	1.23.27
debian	lintian	1.23.28
debian	lintian	1.24.0
debian	lintian	1.24.1
debian	lintian	1.24.2
debian	lintian	1.24.2.1
debian	lintian	2.0-rc1
debian	lintian	2.0-rc2
debian	lintian	2.1.0
debian	lintian	2.1.1
debian	lintian	2.1.2
debian	lintian	2.1.3
debian	lintian	2.1.4
debian	lintian	2.1.5
debian	lintian	2.1.6
debian	lintian	2.2.0
debian	lintian	2.2.1
debian	lintian	2.2.2
debian	lintian	2.2.3
debian	lintian	2.2.4
debian	lintian	2.2.5
debian	lintian	2.2.6
debian	lintian	2.2.7
debian	lintian	2.2.8
debian	lintian	2.2.9
debian	lintian	2.2.10
debian	lintian	2.2.11
debian	lintian	2.2.12
debian	lintian	2.2.13
debian	lintian	2.2.14
debian	lintian	2.2.15
debian	lintian	2.2.16
debian	lintian	2.2.18
debian	lintian	2.3.0
debian	lintian	2.3.1

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

lintian

bullseye	2.104.0 fixed
bookworm	2.116.3 fixed
trixie	2.119.0 fixed
sid	2.120.0 fixed

Ubuntu Releases

Ubuntu Product

Codename

lintian

karmic	Fixed 2.2.17ubuntu1.1 released
jaunty	Fixed 2.2.5ubuntu1.1 released
intrepid	Fixed 1.24.3ubuntu0.1 released
hardy	Fixed 1.23.46ubuntu0.1 released
dapper	Fixed 1.23.16ubuntu2.1 released

Common Weakness Enumeration

CWE-134 - Use of Externally-Controlled Format String
The software uses a function that accepts a format string as an argument, but the format string originates from an external source.

References

http://git.debian.org/?p=lintian/lintian.git%3Ba=commit%3Bh=c8d01f062b3e5137cf65196760b079a855c75e00

http://git.debian.org/?p=lintian/lintian.git%3Ba=commit%3Bh=fbe0c92b2ef7e360d13414bf40d6af5507d0c86d

http://packages.debian.org/changelogs/pool/main/l/lintian/lintian_2.3.2/changelog

http://packages.qa.debian.org/l/lintian/news/20100128T015554Z.html

http://secunia.com/advisories/38375

http://secunia.com/advisories/38379

http://www.debian.org/security/2010/dsa-1979

http://www.securityfocus.com/bid/37975

http://www.ubuntu.com/usn/USN-891-1

http://git.debian.org/?p=lintian/lintian.git%3Ba=commit%3Bh=c8d01f062b3e5137cf65196760b079a855c75e00

http://git.debian.org/?p=lintian/lintian.git%3Ba=commit%3Bh=fbe0c92b2ef7e360d13414bf40d6af5507d0c86d

http://packages.debian.org/changelogs/pool/main/l/lintian/lintian_2.3.2/changelog

http://packages.qa.debian.org/l/lintian/news/20100128T015554Z.html

http://secunia.com/advisories/38375

http://secunia.com/advisories/38379

http://www.debian.org/security/2010/dsa-1979

http://www.securityfocus.com/bid/37975

http://www.ubuntu.com/usn/USN-891-1