CVE-2012-2242 (retired)

Priority
Description
scripts/dget.pl in devscripts before 2.10.73 allows remote attackers to
execute arbitrary commands via a crafted (1) .dsc or (2) .changes file,
related to "arguments to external commands" that are not properly escaped,
a different vulnerability than CVE-2012-2240.
Assigned-to
mdeslaur
Package
Upstream:released (2.12.3)
Ubuntu 12.04 ESM (Precise Pangolin):not-affected
Patches:
Vendor:http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git;a=commit;h=db49f493baaac2387a4dd76370c1018109e31dfc (2.10)
More Information

Updated: 2019-03-26 12:01:53 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)