Описание
Multiple format string vulnerabilities in the parse_error_msg function in parsehelp.c in dpkg before 1.17.22 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the (1) package or (2) architecture name.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 1.17.24ubuntu1 |
| bionic | not-affected | 1.17.24ubuntu1 |
| cosmic | not-affected | 1.17.24ubuntu1 |
| devel | not-affected | 1.17.24ubuntu1 |
| disco | not-affected | 1.17.24ubuntu1 |
| eoan | not-affected | 1.17.24ubuntu1 |
| esm-infra-legacy/trusty | needed | |
| esm-infra/bionic | not-affected | 1.17.24ubuntu1 |
| esm-infra/focal | not-affected | 1.17.24ubuntu1 |
| esm-infra/xenial | not-affected | 1.17.24ubuntu1 |
Показывать по
6.8 Medium
CVSS2
Связанные уязвимости
Multiple format string vulnerabilities in the parse_error_msg function in parsehelp.c in dpkg before 1.17.22 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the (1) package or (2) architecture name.
Multiple format string vulnerabilities in the parse_error_msg function ...
Multiple format string vulnerabilities in the parse_error_msg function in parsehelp.c in dpkg before 1.17.22 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the (1) package or (2) architecture name.
6.8 Medium
CVSS2