CVE-2012-0212

debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via shell metacharacters in the file name argument.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
debianCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 91%
VendorProductVersion
devscripts_devel_teamdevscripts
2.10.0
devscripts_devel_teamdevscripts
2.10.1
devscripts_devel_teamdevscripts
2.10.3
devscripts_devel_teamdevscripts
2.10.6
devscripts_devel_teamdevscripts
2.10.7
devscripts_devel_teamdevscripts
2.10.8
devscripts_devel_teamdevscripts
2.10.9
devscripts_devel_teamdevscripts
2.10.10
devscripts_devel_teamdevscripts
2.10.11
devscripts_devel_teamdevscripts
2.10.12
devscripts_devel_teamdevscripts
2.10.13
devscripts_devel_teamdevscripts
2.10.14
devscripts_devel_teamdevscripts
2.10.15
devscripts_devel_teamdevscripts
2.10.16
devscripts_devel_teamdevscripts
2.10.17
devscripts_devel_teamdevscripts
2.10.18
devscripts_devel_teamdevscripts
2.10.18.1
devscripts_devel_teamdevscripts
2.10.19
devscripts_devel_teamdevscripts
2.10.20
devscripts_devel_teamdevscripts
2.10.21
devscripts_devel_teamdevscripts
2.10.22
devscripts_devel_teamdevscripts
2.10.23
devscripts_devel_teamdevscripts
2.10.24
devscripts_devel_teamdevscripts
2.10.25
devscripts_devel_teamdevscripts
2.10.26
devscripts_devel_teamdevscripts
2.10.27
devscripts_devel_teamdevscripts
2.10.28
devscripts_devel_teamdevscripts
2.10.29
devscripts_devel_teamdevscripts
2.10.30
devscripts_devel_teamdevscripts
2.10.31
devscripts_devel_teamdevscripts
2.10.32
devscripts_devel_teamdevscripts
2.10.33
devscripts_devel_teamdevscripts
2.10.34
devscripts_devel_teamdevscripts
2.10.35
devscripts_devel_teamdevscripts
2.10.36
devscripts_devel_teamdevscripts
2.10.38
devscripts_devel_teamdevscripts
2.10.39
devscripts_devel_teamdevscripts
2.10.40
devscripts_devel_teamdevscripts
2.10.41
devscripts_devel_teamdevscripts
2.10.42
devscripts_devel_teamdevscripts
2.10.43
devscripts_devel_teamdevscripts
2.10.44
devscripts_devel_teamdevscripts
2.10.45
devscripts_devel_teamdevscripts
2.10.46
devscripts_devel_teamdevscripts
2.10.47
devscripts_devel_teamdevscripts
2.10.48
devscripts_devel_teamdevscripts
2.10.49
devscripts_devel_teamdevscripts
2.10.50
devscripts_devel_teamdevscripts
2.10.51
devscripts_devel_teamdevscripts
2.10.52
devscripts_devel_teamdevscripts
2.10.53
devscripts_devel_teamdevscripts
2.10.54
devscripts_devel_teamdevscripts
2.10.55
devscripts_devel_teamdevscripts
2.10.56
devscripts_devel_teamdevscripts
2.10.57
devscripts_devel_teamdevscripts
2.10.58
devscripts_devel_teamdevscripts
2.10.59
devscripts_devel_teamdevscripts
2.10.60
devscripts_devel_teamdevscripts
2.10.61
devscripts_devel_teamdevscripts
2.10.62
devscripts_devel_teamdevscripts
2.10.63
devscripts_devel_teamdevscripts
2.10.64
devscripts_devel_teamdevscripts
2.10.65.1
devscripts_devel_teamdevscripts
2.10.66
devscripts_devel_teamdevscripts
2.10.67
devscripts_devel_teamdevscripts
2.10.68
devscripts_devel_teamdevscripts
2.11.0
devscripts_devel_teamdevscripts
2.11.1
devscripts_devel_teamdevscripts
2.11.2
devscripts_devel_teamdevscripts
2.11.3
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
devscripts
bullseye
2.21.3+deb11u1
fixed
bookworm
2.23.4+deb12u1
fixed
trixie
2.24.1
fixed
sid
2.24.2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
devscripts
oneiric
Fixed 2.11.1ubuntu3.1
released
natty
Fixed 2.10.69ubuntu2.1
released
maverick
Fixed 2.10.67ubuntu1.1
released
lucid
Fixed 2.10.61ubuntu5.1
released
hardy
Fixed 2.10.11ubuntu5.8.04.5
released
Common Weakness Enumeration
References
http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git%3Ba=commitdiff%3Bh=9cbe605d3eab4f9e67525f69b676c55b273b7a03
http://secunia.com/advisories/47955
http://secunia.com/advisories/48039
http://ubuntu.com/usn/usn-1366-1
http://www.debian.org/security/2012/dsa-2409
http://www.osvdb.org/79322
http://www.securityfocus.com/bid/52029
http://www.ubuntu.com/usn/USN-1593-1
https://exchange.xforce.ibmcloud.com/vulnerabilities/73217
http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git%3Ba=commitdiff%3Bh=9cbe605d3eab4f9e67525f69b676c55b273b7a03
http://secunia.com/advisories/47955
http://secunia.com/advisories/48039
http://ubuntu.com/usn/usn-1366-1
http://www.debian.org/security/2012/dsa-2409
http://www.osvdb.org/79322
http://www.securityfocus.com/bid/52029
http://www.ubuntu.com/usn/USN-1593-1
https://exchange.xforce.ibmcloud.com/vulnerabilities/73217