CVE-2009-4014
Lintian < 2.3.2 - Use of Externally-Controlled Format String in Check Scripts and Schedule Module
Title source: llmDescription
Multiple format string vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allow remote attackers to have an unspecified impact via vectors involving (1) check scripts and (2) the Lintian::Schedule module.
References (9)
Core 9
Core References
Various Sources x_refsource_confirm
http://git.debian.org/?p=lintian/lintian.git%3Ba=commit%3Bh=fbe0c92b2ef7e360d13414bf40d6af5507d0c86d
Various Sources mailing-list
x_refsource_mlist
http://packages.qa.debian.org/l/lintian/news/20100128T015554Z.html
Various Sources x_refsource_confirm
http://packages.debian.org/changelogs/pool/main/l/lintian/lintian_2.3.2/changelog
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/38379
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/38375
Vendor Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2010/dsa-1979
Various Sources x_refsource_confirm
http://git.debian.org/?p=lintian/lintian.git%3Ba=commit%3Bh=c8d01f062b3e5137cf65196760b079a855c75e00
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/37975
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-891-1
Scores
EPSS
0.0306
EPSS Percentile
85.9%
Details
CWE
CWE-134
Status
published
Products (50)
debian/lintian
1.23.0
debian/lintian
1.23.1
debian/lintian
1.23.2
debian/lintian
1.23.3
debian/lintian
1.23.4
debian/lintian
1.23.5
debian/lintian
1.23.6
debian/lintian
1.23.7
debian/lintian
1.23.8
debian/lintian
1.23.9
... and 40 more
Published
Feb 02, 2010
Tracked Since
Feb 18, 2026