CVSS: 9.3EPSS: 6%CPEs: 70EXPL: 0CVE-2012-0210
https://notcve.org/view.php?id=CVE-2012-0210
debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to obtain system information and execute arbitrary code via the file name in a (1) .dsc or (2) .changes file. debdiff.pl de devscripts 2.10.x anteriores a 2.10.69 y 2.11.x anteriores a 2.11.4 permite a atacantes remotos obtener información del sistema y ejecutar código arbitrario a través de un nombre de fichero en un archivo (1) .dsc o (2) .changes. • http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git%3Ba=commitdiff%3Bh=797ddc961532eb0aeb46153e3f28c8e9ea0500d2 http://secunia.com/advisories/47955 http://secunia.com/advisories/48039 http://ubuntu.com/usn/usn-1366-1 http://www.debian.org/security/2012/dsa-2409 http://www.osvdb.org/79319 http://www.securityfocus.com/bid/52029 https://exchange.xforce.ibmcloud.com/vulnerabilities/73215 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 6%CPEs: 70EXPL: 0CVE-2012-0212
https://notcve.org/view.php?id=CVE-2012-0212
debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via shell metacharacters in the file name argument. debdiff.pl de devscripts 2.10.x anteriores a 2.10.69 y 2.11.x anteriores a 2.11.4 permite a atacantes remotos ejecutar código arbitrario a través de meta-caracteres de shell en el argumento de nombre de fichero. • http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git%3Ba=commitdiff%3Bh=9cbe605d3eab4f9e67525f69b676c55b273b7a03 http://secunia.com/advisories/47955 http://secunia.com/advisories/48039 http://ubuntu.com/usn/usn-1366-1 http://www.debian.org/security/2012/dsa-2409 http://www.osvdb.org/79322 http://www.securityfocus.com/bid/52029 http://www.ubuntu.com/usn/USN-1593-1 https://exchange.xforce.ibmcloud.com/vulnerabilities/73217 • CWE-20: Improper Input Validation •