Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CVE-2012-0211
CVE information
Published
Last Modified
CVSSv2.0 Severity
Impact Analysis
Description
debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via a crafted tarball file name in the top-level directory of an original (.orig) source tarball of a source package..
CVSSv2.0 Score
- Severity
- High
- Base Score
- 9.3/10
- Exploit Score
- 8.6/10
- Access Vector
- Network
- Access Complexity
- Medium
- Authentication Required
- None
- Impact Score
- 10/10
- Confidentiality Impact
- Complete
- Availability Impact
- Complete
- Integrity Impact
- Complete
Products Affected
| CPE | Affected | Vulnerable | Excluding | Edit |
|---|---|---|---|---|
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.28:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.59:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.62:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.65.1:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.24:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.48:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.16:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.61:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.54:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.56:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.43:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.7:*:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.8:*:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.64:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.46:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.55:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.50:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.34:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.49:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.36:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.12:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.1:*:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.18:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.33:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.27:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.35:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.13:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.25:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.68:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.20:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.53:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.17:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.11:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.52:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.22:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.67:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.31:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.15:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.44:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.10:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.66:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.47:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.29:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.30:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.42:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.57:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.19:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.6:*:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.23:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.21:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.41:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.39:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.9:*:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.51:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.60:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.26:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.3:*:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.32:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.14:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.58:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.0:*:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.38:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.40:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.45:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.63:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.10.18.1:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.11.2:*:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.11.1:*:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.11.3:*:*:*:*:*: |
Yes
|
- | - | |
| cpe:2.3:a:devscripts_devel_team:devscripts:2.11.0:*:*:*:*:*: |
Yes
|
- | - |
References
- http://secunia.com/advisories/47955
- http://www.osvdb.org/79320
- http://www.securityfocus.com/bid/52029
- http://ubuntu.com/usn/usn-1366-1
- http://secunia.com/advisories/48039
- http://www.debian.org/security/2012/dsa-2409
- https://exchange.xforce.ibmcloud.com/vulnerabilities/73216
- http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git%3Ba=commitdiff%3Bh=9cbe605
- http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git%3Ba=commitdiff%3Bh=87f8823