CVE-2016-1244

Опубликовано: 03 окт. 2016

Источник: debian

EPSS Низкий

Описание

The extractTree function in unADF allows remote attackers to execute arbitrary code via shell metacharacters in a directory name in an adf file.

Пакет	Статус	Версия исправления	Релиз	Тип
unadf	fixed	0.7.11a-6		package
unadf	fixed	0.7.11a-5+deb12u1	bookworm	package
unadf	fixed	0.7.11a-4+deb11u1	bullseye	package

Fixed by: https://github.com/lclevy/ADFlib/commit/8e973d7b894552c3a3de0ccd2d1e9cb0b8e618dd
The changes between 0.7.11a-3 and 0.7.11a-4 did not include the upstream fix.

EPSS

Процентиль: 93%

0.09936

Низкий

CVE-2016-1244

CVSS3: 8.8

ubuntu

больше 9 лет назад

The extractTree function in unADF allows remote attackers to execute arbitrary code via shell metacharacters in a directory name in an adf file.

CVE-2016-1244

CVSS3: 8.8

nvd

больше 9 лет назад

The extractTree function in unADF allows remote attackers to execute arbitrary code via shell metacharacters in a directory name in an adf file.

GHSA-wq4c-pjjw-v66r

CVSS3: 8.8

github

больше 3 лет назад

The extractTree function in unADF allows remote attackers to execute arbitrary code via shell metacharacters in a directory name in an adf file.

EPSS

Процентиль: 93%

0.09936

Низкий