CVE-2008-0302
apt-listchanges < 2.82 - Local Code Execution via Untrusted Search Path
Title source: llmDescription
Untrusted search path vulnerability in apt-listchanges.py in apt-listchanges before 2.82 allows local users to execute arbitrary code via a malicious apt-listchanges program in the current working directory.
References (7)
Core 7
Core References
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/28574
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-572-1
Various Sources x_refsource_confirm
http://packages.debian.org/changelogs/pool/main/a/apt-listchanges/apt-listchanges_2.82/changelog
Various Sources x_refsource_confirm
http://git.madism.org/?p=apt-listchanges.git%3Ba=commitdiff%3Bh=1bcfbf3dc55413bb83a1782dc9a54515a963fb32
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/28513
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2008/dsa-1465
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/27331
Scores
EPSS
0.0069
EPSS Percentile
48.2%
Details
CWE
CWE-94
Status
published
Products (1)
debian/apt-listchanges
< 2.81
Published
Jan 17, 2008
Tracked Since
Feb 18, 2026