CVE-2014-0479

2014-08-0619:55:03

Debian Security Bug Tracker

security-tracker.debian.org

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.017 Low

EPSS

Percentile

87.8%

JSON

reportbug before 6.4.4+deb7u1 and 6.5.x before 6.5.0+nmu1 allows remote attackers to execute arbitrary commands via vectors related to compare_versions and reportbug/checkversions.py.

OSVersionArchitecturePackageVersionFilename
Debian12allreportbug< 6.5.0+nmu1reportbug_6.5.0+nmu1_all.deb
Debian11allreportbug< 6.5.0+nmu1reportbug_6.5.0+nmu1_all.deb
Debian999allreportbug< 6.5.0+nmu1reportbug_6.5.0+nmu1_all.deb
Debian13allreportbug< 6.5.0+nmu1reportbug_6.5.0+nmu1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	reportbug	< 6.5.0+nmu1	reportbug_6.5.0+nmu1_all.deb
Debian	11	all	reportbug	< 6.5.0+nmu1	reportbug_6.5.0+nmu1_all.deb
Debian	999	all	reportbug	< 6.5.0+nmu1	reportbug_6.5.0+nmu1_all.deb
Debian	13	all	reportbug	< 6.5.0+nmu1	reportbug_6.5.0+nmu1_all.deb