CVE-2009-4014

CVSS V2 High 7.5 CVSS V3 None
Description
Multiple format string vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allow remote attackers to have an unspecified impact via vectors involving (1) check scripts and (2) the Lintian::Schedule module.
Overview
  • CVE ID
  • CVE-2009-4014
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2010-02-02T16:30:02
  • Last Modified Date
  • 2010-02-03T05:00:00
Weakness Enumerations
CWE URL
CWE-134 http://cwe.mitre.org/data/definitions/134.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:debian:lintian:1.23.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:1.23.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:1.23.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:1.23.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:1.23.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:1.23.5:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:1.23.6:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:1.23.7:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:1.23.8:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:1.23.9:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:1.23.10:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:1.23.11:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:1.23.12:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:1.23.13:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:1.23.14:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:1.23.15:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:1.23.16:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:1.23.17:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:1.23.18:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:1.23.19:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:1.23.20:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:1.23.22:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:1.23.23:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:1.23.24:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:1.23.25:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:1.23.26:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:1.23.27:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:1.23.28:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:1.24.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:1.24.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:1.24.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:1.24.2.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:2.0-rc1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:2.0-rc2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:2.1.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:2.1.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:2.1.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:2.1.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:2.1.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:2.1.5:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:2.1.6:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:2.2.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:2.2.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:2.2.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:2.2.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:2.2.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:2.2.5:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:2.2.6:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:2.2.7:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:2.2.8:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:2.2.9:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:2.2.10:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:2.2.11:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:2.2.12:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:2.2.13:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:2.2.14:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:2.2.15:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:2.2.16:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:2.2.18:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:2.3.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:debian:lintian:2.3.1:*:*:*:*:*:*:* 1 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:L/Au:N/C:P/I:P/A:P
  • Access Vector
  • NETWORK
  • Access Compatibility
  • LOW
  • Authentication
  • NONE
  • Confidentiality Impact
  • PARTIAL
  • Integrity Impact
  • PARTIAL
  • Availability Impact
  • PARTIAL
  • Base Score
  • 7.5
  • Severity
  • HIGH
  • Exploitability Score
  • 10
  • Impact Score
  • 6.4
References
Reference URL Reference Tags
http://packages.qa.debian.org/l/lintian/news/20100128T015554Z.html
http://www.securityfocus.com/bid/37975 Patch
http://secunia.com/advisories/38375 Vendor Advisory
http://www.debian.org/security/2010/dsa-1979 Vendor Advisory
http://git.debian.org/?p=lintian/lintian.git;a=commit;h=c8d01f062b3e5137cf65196760b079a855c75e00
http://www.ubuntu.com/usn/USN-891-1
http://secunia.com/advisories/38379 Vendor Advisory
http://git.debian.org/?p=lintian/lintian.git;a=commit;h=fbe0c92b2ef7e360d13414bf40d6af5507d0c86d
http://packages.debian.org/changelogs/pool/main/l/lintian/lintian_2.3.2/changelog
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2009-4014
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4014
History
Created Old Value New Value Data Type Notes
2022-05-10 11:12:31 Added to TrackCVE