CVE-2009-4014 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.5 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:N/C:P/I:P/A:P

Base Score

CVSS 3.x

EPSS Score

Percentile: 83%

Affected Products (NVD)

Vendor	Product	Version
debian	lintian	1.23.0
debian	lintian	1.23.1
debian	lintian	1.23.2
debian	lintian	1.23.3
debian	lintian	1.23.4
debian	lintian	1.23.5
debian	lintian	1.23.6
debian	lintian	1.23.7
debian	lintian	1.23.8
debian	lintian	1.23.9
debian	lintian	1.23.10
debian	lintian	1.23.11
debian	lintian	1.23.12
debian	lintian	1.23.13
debian	lintian	1.23.14
debian	lintian	1.23.15
debian	lintian	1.23.16
debian	lintian	1.23.17
debian	lintian	1.23.18
debian	lintian	1.23.19
debian	lintian	1.23.20
debian	lintian	1.23.22
debian	lintian	1.23.23
debian	lintian	1.23.24
debian	lintian	1.23.25
debian	lintian	1.23.26
debian	lintian	1.23.27
debian	lintian	1.23.28
debian	lintian	1.24.0
debian	lintian	1.24.1
debian	lintian	1.24.2
debian	lintian	1.24.2.1
debian	lintian	2.0-rc1
debian	lintian	2.0-rc2
debian	lintian	2.1.0
debian	lintian	2.1.1
debian	lintian	2.1.2
debian	lintian	2.1.3
debian	lintian	2.1.4
debian	lintian	2.1.5
debian	lintian	2.1.6
debian	lintian	2.2.0
debian	lintian	2.2.1
debian	lintian	2.2.2
debian	lintian	2.2.3
debian	lintian	2.2.4
debian	lintian	2.2.5
debian	lintian	2.2.6
debian	lintian	2.2.7
debian	lintian	2.2.8
debian	lintian	2.2.9
debian	lintian	2.2.10
debian	lintian	2.2.11
debian	lintian	2.2.12
debian	lintian	2.2.13
debian	lintian	2.2.14
debian	lintian	2.2.15
debian	lintian	2.2.16
debian	lintian	2.2.18
debian	lintian	2.3.0
debian	lintian	2.3.1

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

lintian

bookworm	2.116.3 fixed
bullseye	2.104.0 fixed
sid	2.120.0 fixed
trixie	2.119.0 fixed

Ubuntu Releases

Ubuntu Product

Codename

lintian

dapper	Fixed 1.23.16ubuntu2.1 released
hardy	Fixed 1.23.46ubuntu0.1 released
intrepid	Fixed 1.24.3ubuntu0.1 released
jaunty	Fixed 2.2.5ubuntu1.1 released
karmic	Fixed 2.2.17ubuntu1.1 released

Common Weakness Enumeration

CWE-134 - Use of Externally-Controlled Format String
The software uses a function that accepts a format string as an argument, but the format string originates from an external source.

References

http://git.debian.org/?p=lintian/lintian.git%3Ba=commit%3Bh=c8d01f062b3e5137cf65196760b079a855c75e00

http://git.debian.org/?p=lintian/lintian.git%3Ba=commit%3Bh=fbe0c92b2ef7e360d13414bf40d6af5507d0c86d

http://packages.debian.org/changelogs/pool/main/l/lintian/lintian_2.3.2/changelog

http://packages.qa.debian.org/l/lintian/news/20100128T015554Z.html

http://secunia.com/advisories/38375

http://secunia.com/advisories/38379

http://www.debian.org/security/2010/dsa-1979

http://www.securityfocus.com/bid/37975

http://www.ubuntu.com/usn/USN-891-1

http://git.debian.org/?p=lintian/lintian.git%3Ba=commit%3Bh=c8d01f062b3e5137cf65196760b079a855c75e00

http://git.debian.org/?p=lintian/lintian.git%3Ba=commit%3Bh=fbe0c92b2ef7e360d13414bf40d6af5507d0c86d

http://packages.debian.org/changelogs/pool/main/l/lintian/lintian_2.3.2/changelog

http://packages.qa.debian.org/l/lintian/news/20100128T015554Z.html

http://secunia.com/advisories/38375

http://secunia.com/advisories/38379

http://www.debian.org/security/2010/dsa-1979

http://www.securityfocus.com/bid/37975

http://www.ubuntu.com/usn/USN-891-1