Remote Code Execution Vulnerability in Devscripts by Debian
CVE-2013-7325

8.8HIGH

Key Information:

Vendor

Debian
Status
Devscripts
Vendor
CVE Published:
3 December 2019

What is CVE-2013-7325?

A vulnerability exists in the 'uscan' tool in devscripts prior to version 2.13.19. This flaw permits a remote user to execute arbitrary code by crafting a malicious tarball. If an unsuspecting user processes this tarball, it could lead to unauthorized code execution on their system, possibly compromising its integrity and security.

References

https://security-tracker.debian.org/tracker/CVE-2013-7325
x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7325
x_refsource_MISC
http://www.openwall.com/lists/oss-security/2014/02/12/14
x_refsource_MISC

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.