CVE-2016-5119

Опубликовано: 23 янв. 2017

Источник: debian

Описание

The automatic update feature in KeePass 2.33 and earlier allows man-in-the-middle attackers to execute arbitrary code by spoofing the version check response and supplying a crafted update.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
keepass2	fixed	2.18+dfsg-1		package

Примечания

autoupdate dialog disabled in Debian via patch, but basically not-affected

Связанные уязвимости

CVE-2016-5119

CVSS3: 7.5

ubuntu

около 9 лет назад

The automatic update feature in KeePass 2.33 and earlier allows man-in-the-middle attackers to execute arbitrary code by spoofing the version check response and supplying a crafted update.

CVE-2016-5119

CVSS3: 7.5

nvd

около 9 лет назад

The automatic update feature in KeePass 2.33 and earlier allows man-in-the-middle attackers to execute arbitrary code by spoofing the version check response and supplying a crafted update.

GHSA-cvv5-jq3p-gqgx

CVSS3: 7.5

github

больше 3 лет назад

The automatic update feature in KeePass 2.33 and earlier allows man-in-the-middle attackers to execute arbitrary code by spoofing the version check response and supplying a crafted update.