CVE-2011-0402

CWE-597 documents6 sources
Severity
6.8MEDIUM
EPSS
1.3%
top 20.33%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Debian Dpkg
Timeline
PublishedJan 11
Latest updateMay 17

Description

dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via a symlink attack on unspecified files in the .pc directory.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages2 packages

Debiandpkg< 1.15.8.8+3
NVDdebian/dpkg1.14.30+124

🔴Vulnerability Details

3
GHSA
GHSA-vw3j-pcrq-5hxc: dpkg-source in dpkg before 12022-05-17
OSV
CVE-2011-0402: dpkg-source in dpkg before 12011-01-11
CVEList
CVE-2011-0402: dpkg-source in dpkg before 12011-01-11

📋Vendor Advisories

1
Debian
CVE-2011-0402: dpkg - dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attack...2011

💬Community

2
Bugzilla
CVE-2010-1679 CVE-2011-0402 dpkg various flaws [fedora-all]2011-01-12
Bugzilla
CVE-2011-0402 dpkg: arbitrary file modification via symlink attack2011-01-12
CVE-2011-0402 (MEDIUM CVSS 6.8) | dpkg-source in dpkg before 1.14.31 | cvebase.io