CVE-2012-2242

scripts/dget.pl in devscripts before 2.10.73 allows remote attackers to execute arbitrary commands via a crafted (1) .dsc or (2) .changes file, related to "arguments to external commands" that are not properly escaped, a different vulnerability than CVE-2012-2240.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
debianCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 69%
VendorProductVersion
devscripts_devel_teamdevscripts
𝑥
≤ 2.10.72
devscripts_devel_teamdevscripts
2.10.0
devscripts_devel_teamdevscripts
2.10.1
devscripts_devel_teamdevscripts
2.10.3
devscripts_devel_teamdevscripts
2.10.6
devscripts_devel_teamdevscripts
2.10.7
devscripts_devel_teamdevscripts
2.10.8
devscripts_devel_teamdevscripts
2.10.9
devscripts_devel_teamdevscripts
2.10.10
devscripts_devel_teamdevscripts
2.10.11
devscripts_devel_teamdevscripts
2.10.12
devscripts_devel_teamdevscripts
2.10.13
devscripts_devel_teamdevscripts
2.10.14
devscripts_devel_teamdevscripts
2.10.15
devscripts_devel_teamdevscripts
2.10.16
devscripts_devel_teamdevscripts
2.10.17
devscripts_devel_teamdevscripts
2.10.18
devscripts_devel_teamdevscripts
2.10.18.1
devscripts_devel_teamdevscripts
2.10.19
devscripts_devel_teamdevscripts
2.10.20
devscripts_devel_teamdevscripts
2.10.21
devscripts_devel_teamdevscripts
2.10.22
devscripts_devel_teamdevscripts
2.10.23
devscripts_devel_teamdevscripts
2.10.24
devscripts_devel_teamdevscripts
2.10.25
devscripts_devel_teamdevscripts
2.10.26
devscripts_devel_teamdevscripts
2.10.27
devscripts_devel_teamdevscripts
2.10.28
devscripts_devel_teamdevscripts
2.10.29
devscripts_devel_teamdevscripts
2.10.30
devscripts_devel_teamdevscripts
2.10.31
devscripts_devel_teamdevscripts
2.10.32
devscripts_devel_teamdevscripts
2.10.33
devscripts_devel_teamdevscripts
2.10.34
devscripts_devel_teamdevscripts
2.10.35
devscripts_devel_teamdevscripts
2.10.36
devscripts_devel_teamdevscripts
2.10.38
devscripts_devel_teamdevscripts
2.10.39
devscripts_devel_teamdevscripts
2.10.40
devscripts_devel_teamdevscripts
2.10.41
devscripts_devel_teamdevscripts
2.10.42
devscripts_devel_teamdevscripts
2.10.43
devscripts_devel_teamdevscripts
2.10.44
devscripts_devel_teamdevscripts
2.10.45
devscripts_devel_teamdevscripts
2.10.46
devscripts_devel_teamdevscripts
2.10.47
devscripts_devel_teamdevscripts
2.10.48
devscripts_devel_teamdevscripts
2.10.49
devscripts_devel_teamdevscripts
2.10.50
devscripts_devel_teamdevscripts
2.10.51
devscripts_devel_teamdevscripts
2.10.52
devscripts_devel_teamdevscripts
2.10.53
devscripts_devel_teamdevscripts
2.10.54
devscripts_devel_teamdevscripts
2.10.55
devscripts_devel_teamdevscripts
2.10.56
devscripts_devel_teamdevscripts
2.10.57
devscripts_devel_teamdevscripts
2.10.58
devscripts_devel_teamdevscripts
2.10.59
devscripts_devel_teamdevscripts
2.10.60
devscripts_devel_teamdevscripts
2.10.61
devscripts_devel_teamdevscripts
2.10.62
devscripts_devel_teamdevscripts
2.10.63
devscripts_devel_teamdevscripts
2.10.64
devscripts_devel_teamdevscripts
2.10.65.1
devscripts_devel_teamdevscripts
2.10.66
devscripts_devel_teamdevscripts
2.10.67
devscripts_devel_teamdevscripts
2.10.68
devscripts_devel_teamdevscripts
2.10.69
devscripts_devel_teamdevscripts
2.10.69:squeeze1
devscripts_devel_teamdevscripts
2.10.69:squeeze2
devscripts_devel_teamdevscripts
2.10.69:squeeze3
devscripts_devel_teamdevscripts
2.10.69:squeeze4
devscripts_devel_teamdevscripts
2.10.70
devscripts_devel_teamdevscripts
2.10.71
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
devscripts
bullseye
2.21.3+deb11u1
fixed
bookworm
2.23.4+deb12u1
fixed
sid
2.24.2
fixed
trixie
2.24.2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
devscripts
precise
not-affected
oneiric
not-affected
natty
Fixed 2.10.69ubuntu2.2
released
lucid
Fixed 2.10.61ubuntu5.3
released
hardy
ignored
Common Weakness Enumeration
References
http://secunia.com/advisories/50600
http://www.debian.org/security/2012/dsa-2549
http://www.securityfocus.com/bid/55564
http://www.ubuntu.com/usn/USN-1593-1
http://secunia.com/advisories/50600
http://www.debian.org/security/2012/dsa-2549
http://www.securityfocus.com/bid/55564
http://www.ubuntu.com/usn/USN-1593-1