CVE-2008-0302
Severity CVSS v4.0:
Pending analysis
Type:
CWE-94
Code Injection
Publication date:
17/01/2008
Last modified:
09/04/2025
Description
Untrusted search path vulnerability in apt-listchanges.py in apt-listchanges before 2.82 allows local users to execute arbitrary code via a malicious apt-listchanges program in the current working directory.
Impact
Base Score 2.0
7.20
Severity 2.0
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:debian:apt-listchanges:*:*:*:*:*:*:*:* | 2.81 (including) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://git.madism.org/?p=apt-listchanges.git%3Ba%3Dcommitdiff%3Bh%3D1bcfbf3dc55413bb83a1782dc9a54515a963fb32
- http://packages.debian.org/changelogs/pool/main/a/apt-listchanges/apt-listchanges_2.82/changelog
- http://secunia.com/advisories/28513
- http://secunia.com/advisories/28574
- http://www.debian.org/security/2008/dsa-1465
- http://www.securityfocus.com/bid/27331
- http://www.ubuntu.com/usn/usn-572-1
- http://git.madism.org/?p=apt-listchanges.git%3Ba%3Dcommitdiff%3Bh%3D1bcfbf3dc55413bb83a1782dc9a54515a963fb32
- http://packages.debian.org/changelogs/pool/main/a/apt-listchanges/apt-listchanges_2.82/changelog
- http://secunia.com/advisories/28513
- http://secunia.com/advisories/28574
- http://www.debian.org/security/2008/dsa-1465
- http://www.securityfocus.com/bid/27331
- http://www.ubuntu.com/usn/usn-572-1