cve-2014-3127
Vulnerability from cvelistv5
Published
2014-05-14 00:00
Modified
2024-08-06 10:35
Severity ?
Summary
dpkg 1.15.9 on Debian squeeze introduces support for the "C-style encoded filenames" feature without recognizing that the squeeze patch program lacks this feature, which triggers an interaction error that allows remote attackers to conduct directory traversal attacks and modify files outside of the intended directories via a crafted source package. NOTE: this can be considered a release engineering problem in the effort to fix CVE-2014-0471.
References
cve@mitre.orghttp://metadata.ftp-master.debian.org/changelogs//main/d/dpkg/dpkg_1.15.10_changelog
cve@mitre.orghttp://seclists.org/oss-sec/2014/q2/191
cve@mitre.orghttp://seclists.org/oss-sec/2014/q2/227
cve@mitre.orghttp://www.securityfocus.com/bid/67181
cve@mitre.orghttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=746306
af854a3a-2127-422b-91ae-364da2661108http://metadata.ftp-master.debian.org/changelogs//main/d/dpkg/dpkg_1.15.10_changelog
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/oss-sec/2014/q2/191
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/oss-sec/2014/q2/227
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/67181
af854a3a-2127-422b-91ae-364da2661108https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=746306
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T10:35:57.031Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=746306"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://metadata.ftp-master.debian.org/changelogs//main/d/dpkg/dpkg_1.15.10_changelog"
          },
          {
            "name": "[oss-security] 20140429 CVE request: directory traversal in DSA-2915-1-patched dpkg in Debian squeeze",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://seclists.org/oss-sec/2014/q2/191"
          },
          {
            "name": "[oss-security] 20140501 Re: CVE request: directory traversal in DSA-2915-1-patched dpkg in Debian squeeze",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://seclists.org/oss-sec/2014/q2/227"
          },
          {
            "name": "67181",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/67181"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-04-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "dpkg 1.15.9 on Debian squeeze introduces support for the \"C-style encoded filenames\" feature without recognizing that the squeeze patch program lacks this feature, which triggers an interaction error that allows remote attackers to conduct directory traversal attacks and modify files outside of the intended directories via a crafted source package.  NOTE: this can be considered a release engineering problem in the effort to fix CVE-2014-0471."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-05-30T17:57:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=746306"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://metadata.ftp-master.debian.org/changelogs//main/d/dpkg/dpkg_1.15.10_changelog"
        },
        {
          "name": "[oss-security] 20140429 CVE request: directory traversal in DSA-2915-1-patched dpkg in Debian squeeze",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://seclists.org/oss-sec/2014/q2/191"
        },
        {
          "name": "[oss-security] 20140501 Re: CVE request: directory traversal in DSA-2915-1-patched dpkg in Debian squeeze",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://seclists.org/oss-sec/2014/q2/227"
        },
        {
          "name": "67181",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/67181"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-3127",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "dpkg 1.15.9 on Debian squeeze introduces support for the \"C-style encoded filenames\" feature without recognizing that the squeeze patch program lacks this feature, which triggers an interaction error that allows remote attackers to conduct directory traversal attacks and modify files outside of the intended directories via a crafted source package.  NOTE: this can be considered a release engineering problem in the effort to fix CVE-2014-0471."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=746306",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=746306"
            },
            {
              "name": "http://metadata.ftp-master.debian.org/changelogs//main/d/dpkg/dpkg_1.15.10_changelog",
              "refsource": "CONFIRM",
              "url": "http://metadata.ftp-master.debian.org/changelogs//main/d/dpkg/dpkg_1.15.10_changelog"
            },
            {
              "name": "[oss-security] 20140429 CVE request: directory traversal in DSA-2915-1-patched dpkg in Debian squeeze",
              "refsource": "MLIST",
              "url": "http://seclists.org/oss-sec/2014/q2/191"
            },
            {
              "name": "[oss-security] 20140501 Re: CVE request: directory traversal in DSA-2915-1-patched dpkg in Debian squeeze",
              "refsource": "MLIST",
              "url": "http://seclists.org/oss-sec/2014/q2/227"
            },
            {
              "name": "67181",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/67181"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-3127",
    "datePublished": "2014-05-14T00:00:00",
    "dateReserved": "2014-04-29T00:00:00",
    "dateUpdated": "2024-08-06T10:35:57.031Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.16.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"60B76474-A71E-4BEA-880B-88A8F0E9E79D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.16.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5918D066-8950-44D5-9F14-72C499F9F40A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.16.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"623BF341-D9EC-43DF-BA62-D45FDC1FE4E9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.16.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D6692AB-7927-4D4B-8E11-EA9B7B93836C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.16.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B6EE875E-DEC4-443C-8921-B4658CA2B2C3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.16.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4BDD2CFE-61E4-436E-9D49-7F1977904EB8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.16.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"12DB535B-9C12-4B13-8B6E-AB4EEC1CFF9D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.16.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6675F9A6-FA20-4AF7-B57F-85595103AA61\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.16.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3322B7E4-D815-40B6-836A-2D070F9D0528\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.16.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A67143CC-3137-49B3-955C-43C405DB847B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.16.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B1CA956E-51BC-428E-9730-31797A34BE3C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.16.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3AFC055D-9B64-428C-9D85-CFC2F27EB906\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.16.4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"00E6E62F-B11F-4060-8AAF-A9FA73749422\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.16.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0B05CB56-6994-4F75-8015-03F554CD7D78\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.16.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5CF35EC-CCBF-4096-BCAF-98A15DE6D78C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.16.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"42C819CC-48E9-4E85-A564-456A27481852\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.16.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D7B2152-3086-4094-8AE2-6E1AF9D35BF7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.16.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EF5B9CC6-C288-4E8C-AC99-D4717DBE63FC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.16.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"65CD971C-EB83-4456-A368-F57B9391599A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.16.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8CA877A-533B-4B60-A90B-8A958FCA2DF1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.16.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B71A62D9-8013-4528-8EB0-75C18435AE24\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.17.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D18D2B08-C8DD-475D-8E7D-F39E8C24723B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.17.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BA424995-B5E0-4C8A-862B-5290506DF94E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.17.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"43F974E2-41AF-42B2-8EE7-02724FD37673\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.17.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EFD1F763-34E3-4B39-9184-6CCCD75733A0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.17.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1C8ADF13-CEF9-400B-BACA-F64AFDEEED7D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.17.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2B2595A0-024B-4C82-8626-9471A3FB96D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.17.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E81B04E7-FBA1-45D3-B458-3B57DF331796\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.17.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"934A9FC7-1B44-4A70-83B6-21783C5BB9BB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.17.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A66344A0-A556-4E72-9954-CBC0FF9B900F\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D266110F-6EDD-4570-8B5C-BB6A620D7510\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5489857D-D325-41D1-991C-1664EB63CF2E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EF34E4C1-9160-4052-951A-D08835024AC4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"30E46BF1-5BC3-429B-9A16-2F95620A8FE9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B7B3327F-8A47-4D13-A48A-3157B6318F9C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"90246AB1-F0C4-432B-AA2D-A644084C0C74\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"44EAC604-FF3B-470A-9413-EBAC32DC1322\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"84E9FBA6-6418-448F-800E-970C9D08877F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"98521A64-4E54-472F-AC7C-73005551CEA3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.5.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"421D9F1E-EF92-47E3-98D6-8C824862F7A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.5.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D85C04B-FC70-41BD-8994-B7C1AF6048BE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.5.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CAFD7DD4-555B-4757-B459-01B9D915A9B7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.5.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F2C7B906-87E1-44F3-AF35-5BFEF574F180\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.5.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0984921F-8EAB-4740-B2CC-4269C4CF6C93\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F48CB557-229E-4BA5-84C6-DBEA06552D96\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F27F9EA-226F-450F-A181-F100E49A90B8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ED9E199F-1994-4C5C-B8DB-D6002FD95AE5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"419D7AA6-745E-4254-9743-6AC136DB1893\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.7.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0F1F3BE1-30BA-4780-9924-D5B0E4F50EAC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3BFBE00A-3FB7-4D10-807C-67CA59B91044\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.8.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2E486ABD-DD1D-43A9-9783-894694E0F14C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.8.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"87DEA4E0-8BF1-4558-88F3-D3F3D8161287\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.8.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1405C137-D923-436C-A006-F232961BAB24\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.8.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD929336-FAFB-480C-8CD1-3264C3BE529B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.8.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F2B117A-2746-458B-AB77-37EB40646482\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.8.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DD8A1B4A-59D3-4D0F-80CC-7D8F94B5699E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.8.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A12559EE-7FAC-4C21-99CC-D076E98CA137\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.8.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07B7B48B-B915-43D7-9AE4-EA1322925EDE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.8.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B7AE1019-67C2-4334-83DC-75754C997079\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.8.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B4AC0E03-C115-4B5C-9D1B-CD86B749B8C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.8.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C0C7B663-4ADD-42A7-B302-975C05288BDA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.8.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B9EE9B3E-C62B-4C97-A8A5-16CCAA392FD9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.8.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"248E90A5-6A3C-4647-891E-005DA3A46C6C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:debian:dpkg:1.15.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"35ECCA17-BB6A-4DDA-8F26-C84628B95A3A\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"dpkg 1.15.9 on Debian squeeze introduces support for the \\\"C-style encoded filenames\\\" feature without recognizing that the squeeze patch program lacks this feature, which triggers an interaction error that allows remote attackers to conduct directory traversal attacks and modify files outside of the intended directories via a crafted source package.  NOTE: this can be considered a release engineering problem in the effort to fix CVE-2014-0471.\"}, {\"lang\": \"es\", \"value\": \"dpkg versi\\u00f3n 1.15.9 en squeeze de Debian, introduce soporte para la funcionalidad \\\"C-style encoded filenames\\\" sin reconocer que el programa parche de squeeze carece de esta caracter\\u00edstica, lo que desencadena un error de interacci\\u00f3n que permite a los atacantes remotos conducir ataques de salto de directorio y modificar archivos fuera de los directorios previstos por medio de un paquete fuente dise\\u00f1ado. NOTA: esto se puede considerar un problema de ingenier\\u00eda de versiones en el intento por corregir el CVE-2014-0471.\"}]",
      "id": "CVE-2014-3127",
      "lastModified": "2024-11-21T02:07:30.150",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:H/Au:N/C:N/I:C/A:C\", \"baseScore\": 7.1, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"HIGH\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 4.9, \"impactScore\": 9.2, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2014-05-14T00:55:10.400",
      "references": "[{\"url\": \"http://metadata.ftp-master.debian.org/changelogs//main/d/dpkg/dpkg_1.15.10_changelog\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://seclists.org/oss-sec/2014/q2/191\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://seclists.org/oss-sec/2014/q2/227\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/67181\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=746306\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://metadata.ftp-master.debian.org/changelogs//main/d/dpkg/dpkg_1.15.10_changelog\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://seclists.org/oss-sec/2014/q2/191\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://seclists.org/oss-sec/2014/q2/227\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/67181\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=746306\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-22\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2014-3127\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2014-05-14T00:55:10.400\",\"lastModified\":\"2024-11-21T02:07:30.150\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"dpkg 1.15.9 on Debian squeeze introduces support for the \\\"C-style encoded filenames\\\" feature without recognizing that the squeeze patch program lacks this feature, which triggers an interaction error that allows remote attackers to conduct directory traversal attacks and modify files outside of the intended directories via a crafted source package.  NOTE: this can be considered a release engineering problem in the effort to fix CVE-2014-0471.\"},{\"lang\":\"es\",\"value\":\"dpkg versi\u00f3n 1.15.9 en squeeze de Debian, introduce soporte para la funcionalidad \\\"C-style encoded filenames\\\" sin reconocer que el programa parche de squeeze carece de esta caracter\u00edstica, lo que desencadena un error de interacci\u00f3n que permite a los atacantes remotos conducir ataques de salto de directorio y modificar archivos fuera de los directorios previstos por medio de un paquete fuente dise\u00f1ado. NOTA: esto se puede considerar un problema de ingenier\u00eda de versiones en el intento por corregir el CVE-2014-0471.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:N/C:N/I:C/A:C\",\"baseScore\":7.1,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":4.9,\"impactScore\":9.2,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.16.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60B76474-A71E-4BEA-880B-88A8F0E9E79D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.16.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5918D066-8950-44D5-9F14-72C499F9F40A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.16.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"623BF341-D9EC-43DF-BA62-D45FDC1FE4E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.16.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D6692AB-7927-4D4B-8E11-EA9B7B93836C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.16.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6EE875E-DEC4-443C-8921-B4658CA2B2C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.16.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BDD2CFE-61E4-436E-9D49-7F1977904EB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.16.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12DB535B-9C12-4B13-8B6E-AB4EEC1CFF9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.16.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6675F9A6-FA20-4AF7-B57F-85595103AA61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.16.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3322B7E4-D815-40B6-836A-2D070F9D0528\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.16.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A67143CC-3137-49B3-955C-43C405DB847B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.16.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1CA956E-51BC-428E-9730-31797A34BE3C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.16.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AFC055D-9B64-428C-9D85-CFC2F27EB906\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.16.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00E6E62F-B11F-4060-8AAF-A9FA73749422\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.16.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B05CB56-6994-4F75-8015-03F554CD7D78\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.16.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5CF35EC-CCBF-4096-BCAF-98A15DE6D78C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.16.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42C819CC-48E9-4E85-A564-456A27481852\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.16.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D7B2152-3086-4094-8AE2-6E1AF9D35BF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.16.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF5B9CC6-C288-4E8C-AC99-D4717DBE63FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.16.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65CD971C-EB83-4456-A368-F57B9391599A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.16.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8CA877A-533B-4B60-A90B-8A958FCA2DF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.16.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B71A62D9-8013-4528-8EB0-75C18435AE24\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.17.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D18D2B08-C8DD-475D-8E7D-F39E8C24723B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.17.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA424995-B5E0-4C8A-862B-5290506DF94E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.17.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43F974E2-41AF-42B2-8EE7-02724FD37673\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.17.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFD1F763-34E3-4B39-9184-6CCCD75733A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.17.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C8ADF13-CEF9-400B-BACA-F64AFDEEED7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.17.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B2595A0-024B-4C82-8626-9471A3FB96D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.17.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E81B04E7-FBA1-45D3-B458-3B57DF331796\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.17.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"934A9FC7-1B44-4A70-83B6-21783C5BB9BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.17.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A66344A0-A556-4E72-9954-CBC0FF9B900F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D266110F-6EDD-4570-8B5C-BB6A620D7510\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5489857D-D325-41D1-991C-1664EB63CF2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF34E4C1-9160-4052-951A-D08835024AC4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30E46BF1-5BC3-429B-9A16-2F95620A8FE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7B3327F-8A47-4D13-A48A-3157B6318F9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90246AB1-F0C4-432B-AA2D-A644084C0C74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44EAC604-FF3B-470A-9413-EBAC32DC1322\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84E9FBA6-6418-448F-800E-970C9D08877F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98521A64-4E54-472F-AC7C-73005551CEA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"421D9F1E-EF92-47E3-98D6-8C824862F7A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D85C04B-FC70-41BD-8994-B7C1AF6048BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAFD7DD4-555B-4757-B459-01B9D915A9B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2C7B906-87E1-44F3-AF35-5BFEF574F180\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.5.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0984921F-8EAB-4740-B2CC-4269C4CF6C93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F48CB557-229E-4BA5-84C6-DBEA06552D96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F27F9EA-226F-450F-A181-F100E49A90B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED9E199F-1994-4C5C-B8DB-D6002FD95AE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"419D7AA6-745E-4254-9743-6AC136DB1893\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F1F3BE1-30BA-4780-9924-D5B0E4F50EAC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BFBE00A-3FB7-4D10-807C-67CA59B91044\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E486ABD-DD1D-43A9-9783-894694E0F14C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87DEA4E0-8BF1-4558-88F3-D3F3D8161287\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.8.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1405C137-D923-436C-A006-F232961BAB24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD929336-FAFB-480C-8CD1-3264C3BE529B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.8.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F2B117A-2746-458B-AB77-37EB40646482\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.8.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD8A1B4A-59D3-4D0F-80CC-7D8F94B5699E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.8.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A12559EE-7FAC-4C21-99CC-D076E98CA137\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.8.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B7B48B-B915-43D7-9AE4-EA1322925EDE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.8.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7AE1019-67C2-4334-83DC-75754C997079\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.8.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4AC0E03-C115-4B5C-9D1B-CD86B749B8C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.8.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0C7B663-4ADD-42A7-B302-975C05288BDA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.8.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9EE9B3E-C62B-4C97-A8A5-16CCAA392FD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.8.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"248E90A5-6A3C-4647-891E-005DA3A46C6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:dpkg:1.15.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35ECCA17-BB6A-4DDA-8F26-C84628B95A3A\"}]}]}],\"references\":[{\"url\":\"http://metadata.ftp-master.debian.org/changelogs//main/d/dpkg/dpkg_1.15.10_changelog\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://seclists.org/oss-sec/2014/q2/191\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://seclists.org/oss-sec/2014/q2/227\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/67181\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=746306\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://metadata.ftp-master.debian.org/changelogs//main/d/dpkg/dpkg_1.15.10_changelog\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://seclists.org/oss-sec/2014/q2/191\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://seclists.org/oss-sec/2014/q2/227\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/67181\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=746306\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.