CVE-2012-0210

debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to obtain system information and execute arbitrary code via the file name in a (1) .dsc or (2) .changes file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
debianCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 88%
VendorProductVersion
devscripts_devel_teamdevscripts
2.10.0
devscripts_devel_teamdevscripts
2.10.1
devscripts_devel_teamdevscripts
2.10.3
devscripts_devel_teamdevscripts
2.10.6
devscripts_devel_teamdevscripts
2.10.7
devscripts_devel_teamdevscripts
2.10.8
devscripts_devel_teamdevscripts
2.10.9
devscripts_devel_teamdevscripts
2.10.10
devscripts_devel_teamdevscripts
2.10.11
devscripts_devel_teamdevscripts
2.10.12
devscripts_devel_teamdevscripts
2.10.13
devscripts_devel_teamdevscripts
2.10.14
devscripts_devel_teamdevscripts
2.10.15
devscripts_devel_teamdevscripts
2.10.16
devscripts_devel_teamdevscripts
2.10.17
devscripts_devel_teamdevscripts
2.10.18
devscripts_devel_teamdevscripts
2.10.18.1
devscripts_devel_teamdevscripts
2.10.19
devscripts_devel_teamdevscripts
2.10.20
devscripts_devel_teamdevscripts
2.10.21
devscripts_devel_teamdevscripts
2.10.22
devscripts_devel_teamdevscripts
2.10.23
devscripts_devel_teamdevscripts
2.10.24
devscripts_devel_teamdevscripts
2.10.25
devscripts_devel_teamdevscripts
2.10.26
devscripts_devel_teamdevscripts
2.10.27
devscripts_devel_teamdevscripts
2.10.28
devscripts_devel_teamdevscripts
2.10.29
devscripts_devel_teamdevscripts
2.10.30
devscripts_devel_teamdevscripts
2.10.31
devscripts_devel_teamdevscripts
2.10.32
devscripts_devel_teamdevscripts
2.10.33
devscripts_devel_teamdevscripts
2.10.34
devscripts_devel_teamdevscripts
2.10.35
devscripts_devel_teamdevscripts
2.10.36
devscripts_devel_teamdevscripts
2.10.38
devscripts_devel_teamdevscripts
2.10.39
devscripts_devel_teamdevscripts
2.10.40
devscripts_devel_teamdevscripts
2.10.41
devscripts_devel_teamdevscripts
2.10.42
devscripts_devel_teamdevscripts
2.10.43
devscripts_devel_teamdevscripts
2.10.44
devscripts_devel_teamdevscripts
2.10.45
devscripts_devel_teamdevscripts
2.10.46
devscripts_devel_teamdevscripts
2.10.47
devscripts_devel_teamdevscripts
2.10.48
devscripts_devel_teamdevscripts
2.10.49
devscripts_devel_teamdevscripts
2.10.50
devscripts_devel_teamdevscripts
2.10.51
devscripts_devel_teamdevscripts
2.10.52
devscripts_devel_teamdevscripts
2.10.53
devscripts_devel_teamdevscripts
2.10.54
devscripts_devel_teamdevscripts
2.10.55
devscripts_devel_teamdevscripts
2.10.56
devscripts_devel_teamdevscripts
2.10.57
devscripts_devel_teamdevscripts
2.10.58
devscripts_devel_teamdevscripts
2.10.59
devscripts_devel_teamdevscripts
2.10.60
devscripts_devel_teamdevscripts
2.10.61
devscripts_devel_teamdevscripts
2.10.62
devscripts_devel_teamdevscripts
2.10.63
devscripts_devel_teamdevscripts
2.10.64
devscripts_devel_teamdevscripts
2.10.65.1
devscripts_devel_teamdevscripts
2.10.66
devscripts_devel_teamdevscripts
2.10.67
devscripts_devel_teamdevscripts
2.10.68
devscripts_devel_teamdevscripts
2.11.0
devscripts_devel_teamdevscripts
2.11.1
devscripts_devel_teamdevscripts
2.11.2
devscripts_devel_teamdevscripts
2.11.3
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
devscripts
bullseye
2.21.3+deb11u1
fixed
bookworm
2.23.4+deb12u1
fixed
sid
2.24.2
fixed
trixie
2.24.2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
devscripts
oneiric
Fixed 2.11.1ubuntu3.1
released
natty
Fixed 2.10.69ubuntu2.1
released
maverick
Fixed 2.10.67ubuntu1.1
released
lucid
Fixed 2.10.61ubuntu5.1
released
hardy
Fixed 2.10.11ubuntu5.8.04.5
released
Common Weakness Enumeration
References
http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git%3Ba=commitdiff%3Bh=797ddc961532eb0aeb46153e3f28c8e9ea0500d2
http://secunia.com/advisories/47955
http://secunia.com/advisories/48039
http://ubuntu.com/usn/usn-1366-1
http://www.debian.org/security/2012/dsa-2409
http://www.osvdb.org/79319
http://www.securityfocus.com/bid/52029
https://exchange.xforce.ibmcloud.com/vulnerabilities/73215
http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git%3Ba=commitdiff%3Bh=797ddc961532eb0aeb46153e3f28c8e9ea0500d2
http://secunia.com/advisories/47955
http://secunia.com/advisories/48039
http://ubuntu.com/usn/usn-1366-1
http://www.debian.org/security/2012/dsa-2409
http://www.osvdb.org/79319
http://www.securityfocus.com/bid/52029
https://exchange.xforce.ibmcloud.com/vulnerabilities/73215