Candidate: CVE-2013-2738
PublicDate: 2019-11-01 12:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2738
 http://www.securityfocus.com/archive/1/527299/30/0
Description:
 minidlna has SQL Injection that may allow retrieval of arbitrary files
Ubuntu-Description:
Notes:
 seth-arnold> might be fixed by
  http://sourceforge.net/p/minidlna/git/ci/cd20aa0b244b46e8173a6c83e4af7b8f1e521c58/
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717131
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL]

Patches_minidlna:
upstream_minidlna: released (1.1.0)
lucid_minidlna: DNE
precise_minidlna: ignored (reached end-of-life)
precise/esm_minidlna: DNE (precise was needed)
quantal_minidlna: ignored (reached end-of-life)
raring_minidlna: ignored (reached end-of-life)
saucy_minidlna: ignored (reached end-of-life)
trusty_minidlna: DNE
trusty/esm_minidlna: DNE
utopic_minidlna: released (1.1.2+dfsg-1)
vivid_minidlna: released (1.1.2+dfsg-1)
vivid/stable-phone-overlay_minidlna: DNE
vivid/ubuntu-core_minidlna: DNE
wily_minidlna: released (1.1.2+dfsg-1)
xenial_minidlna: released (1.1.2+dfsg-1)
yakkety_minidlna: released (1.1.2+dfsg-1)
zesty_minidlna: released (1.1.2+dfsg-1)
devel_minidlna: released (1.1.2+dfsg-1)