CVE-2012-3587 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Vector
NIST	NIST	2.6 UNKNOWN	NETWORK	HIGH	AV:N/AC:H/Au:N/C:N/I:P/A:N
mitre	CNA	---			---
CVE	ADP	---			---

Base Score

CVSS 3.x

EPSS Score

Percentile: 36%

Vendor	Product	Version
debian	advanced_package_tool	0.7.0
debian	advanced_package_tool	0.7.1
debian	advanced_package_tool	0.7.2
debian	advanced_package_tool	0.7.2-0.1
debian	advanced_package_tool	0.7.10
debian	advanced_package_tool	0.7.11
debian	advanced_package_tool	0.7.12
debian	advanced_package_tool	0.7.13
debian	advanced_package_tool	0.7.14
debian	advanced_package_tool	0.7.15
debian	advanced_package_tool	0.7.15:exp1
debian	advanced_package_tool	0.7.15:exp2
debian	advanced_package_tool	0.7.15:exp3
debian	advanced_package_tool	0.7.16
debian	advanced_package_tool	0.7.17
debian	advanced_package_tool	0.7.17:exp1
debian	advanced_package_tool	0.7.17:exp2
debian	advanced_package_tool	0.7.17:exp3
debian	advanced_package_tool	0.7.17:exp4
debian	advanced_package_tool	0.7.18
debian	advanced_package_tool	0.7.19
debian	advanced_package_tool	0.7.20
debian	advanced_package_tool	0.7.20.1
debian	advanced_package_tool	0.7.20.2
debian	advanced_package_tool	0.7.21
debian	advanced_package_tool	0.7.22
debian	advanced_package_tool	0.7.22.1
debian	advanced_package_tool	0.7.22.2
debian	advanced_package_tool	0.7.23
debian	advanced_package_tool	0.7.23.1
debian	advanced_package_tool	0.7.24
debian	advanced_package_tool	0.8.0
debian	advanced_package_tool	0.8.0:pre1
debian	advanced_package_tool	0.8.0:pre2
debian	advanced_package_tool	0.8.1
debian	advanced_package_tool	0.8.10
debian	advanced_package_tool	0.8.10.1
debian	advanced_package_tool	0.8.10.2
debian	advanced_package_tool	0.8.10.3
debian	advanced_package_tool	0.8.11
debian	advanced_package_tool	0.8.11.1
debian	advanced_package_tool	0.8.11.2
debian	advanced_package_tool	0.8.11.3
debian	advanced_package_tool	0.8.11.4
debian	advanced_package_tool	0.8.11.5
debian	advanced_package_tool	0.8.12
debian	advanced_package_tool	0.8.13
debian	advanced_package_tool	0.8.13.1
debian	advanced_package_tool	0.8.13.2
debian	advanced_package_tool	0.8.14
debian	advanced_package_tool	0.8.14.1
debian	advanced_package_tool	0.8.15
debian	advanced_package_tool	0.8.15:exp1
debian	advanced_package_tool	0.8.15:exp2
debian	advanced_package_tool	0.8.15:exp3
debian	advanced_package_tool	0.8.15.1
debian	advanced_package_tool	0.8.15.6
debian	advanced_package_tool	0.8.15.7
debian	advanced_package_tool	0.8.15.8
debian	advanced_package_tool	0.8.15.9
debian	advanced_package_tool	0.8.15.10

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

apt

bullseye	2.2.4 fixed
bookworm	2.6.1 fixed
sid	2.9.10 fixed
trixie	2.9.10 fixed

Ubuntu Releases

Ubuntu Product

Codename

apt

precise	Fixed 0.8.16~exp12ubuntu10.2 released
oneiric	Fixed 0.8.16~exp5ubuntu13.5 released
natty	Fixed 0.8.13.2ubuntu4.6 released
lucid	Fixed 0.7.25.3ubuntu9.13 released
hardy	Fixed 0.7.9ubuntu17.6 released

Common Weakness Enumeration

CWE-20 - Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References

http://seclists.org/fulldisclosure/2012/Jun/267

http://www.ubuntu.com/usn/USN-1475-1

http://www.ubuntu.com/usn/USN-1477-1

https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1013128

http://seclists.org/fulldisclosure/2012/Jun/267

http://www.ubuntu.com/usn/USN-1475-1

http://www.ubuntu.com/usn/USN-1477-1

https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1013128