Untrusted Search Path Vulnerability in apt-listchanges by Debian
CVE-2008-0302

Currently unrated

Key Information:

Vendor: Debian
Status: Apt-listchanges
Vendor: CVE Published:; 17 January 2008

Summary

The untrusted search path vulnerability in apt-listchanges prior to version 2.82 allows local users to execute arbitrary code. This occurs when a malicious apt-listchanges program is executed from the current working directory, potentially compromising system security. Users are advised to upgrade to the latest version to mitigate this risk.

References

http://secunia.com/advisories/28574

third-party-advisoryx_refsource_SECUNIA

http://www.ubuntu.com/usn/usn-572-1

vendor-advisoryx_refsource_UBUNTU

http://packages.debian.org/changelogs/pool/main/a/apt-lis...

x_refsource_CONFIRM

Timeline

Vulnerability published
Jan 17, 2008
Vulnerability Reserved
Jan 16, 2008