1 results (0.025 seconds)

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

Untrusted search path vulnerability in apt-listchanges.py in apt-listchanges before 2.82 allows local users to execute arbitrary code via a malicious apt-listchanges program in the current working directory. Vulnerabilidad de ruta de búsqueda no confiable en apt-listchanges.py de apt-listchanges versiones anteriores a 2.82 permite a usuarios locales ejecutar código de su elección mediante un programa apt-listchanges malicioso en el directorio actual de trabajo. • http://git.madism.org/?p=apt-listchanges.git%3Ba=commitdiff%3Bh=1bcfbf3dc55413bb83a1782dc9a54515a963fb32 http://packages.debian.org/changelogs/pool/main/a/apt-listchanges/apt-listchanges_2.82/changelog http://secunia.com/advisories/28513 http://secunia.com/advisories/28574 http://www.debian.org/security/2008/dsa-1465 http://www.securityfocus.com/bid/27331 http://www.ubuntu.com/usn/usn-572-1 • CWE-94: Improper Control of Generation of Code ('Code Injection') •