CVE-2014-0479

reportbug <6.4.4+deb7u1, <6.5.0+nmu1 - RCE

Title source: llm
STIX 2.1

Description

reportbug before 6.4.4+deb7u1 and 6.5.x before 6.5.0+nmu1 allows remote attackers to execute arbitrary commands via vectors related to compare_versions and reportbug/checkversions.py.

References (6)

Core 6
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/59896
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2014/dsa-2997
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/95149
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/69055
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/109858

Scores

EPSS 0.0273
EPSS Percentile 84.3%

Details

CWE
CWE-94
Status published
Products (2)
canonical/reportbug < 6.5.0
debian/reportbug < 6.4.4
Published Aug 06, 2014
Tracked Since Feb 18, 2026