CVE-2013-1429
MEDIUMLintian < 2.5.12 - Information Disclosure via Symlink Resolution
Title source: llmDescription
Lintian before 2.5.12 allows remote attackers to gather information about the "host" system using crafted symlinks.
References (4)
Core 4
Core References
Third Party Advisory x_refsource_misc
https://security-tracker.debian.org/tracker/CVE-2013-1429
Third Party Advisory x_refsource_misc
https://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-1429.html
Mailing List x_refsource_misc
https://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg1113881.html
Third Party Advisory x_refsource_misc
https://bugs.launchpad.net/ubuntu/+source/lintian/+bug/1169636
Scores
CVSS v3
6.3
EPSS
0.0130
EPSS Percentile
66.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
Details
CWE
CWE-59
Status
published
Products (6)
canonical/ubuntu_linux
12.04
debian/debian_linux
8.0
debian/debian_linux
9.0
debian/debian_linux
10.0
debian/lintian
2.5.11
debian/lintian
< 2.5.10.5
Published
Nov 07, 2019
Tracked Since
Feb 18, 2026