Search CVE reports
11 – 17 of 17 results
CVE-2011-0402
Medium prioritydpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via a symlink attack on unspecified files in the .pc directory.
1 affected package
dpkg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| dpkg | — | — | — | — | — |
CVE-2010-1679
Medium priorityDirectory traversal vulnerability in dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via directory traversal sequences in a patch for a source-format 3.0 package.
1 affected package
dpkg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| dpkg | — | — | — | — | — |
CVE-2010-0405
Medium priorityInteger overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a...
4 affected packages
bzip2, clamav, dpkg, dump
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| bzip2 | — | — | — | — | — |
| clamav | — | — | — | — | — |
| dpkg | — | — | — | — | — |
| dump | — | — | — | — | — |
CVE-2010-0396
Medium priorityDirectory traversal vulnerability in the dpkg-source component in dpkg before 1.14.29 allows remote attackers to modify arbitrary files via a crafted Debian source archive.
1 affected package
dpkg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| dpkg | — | — | — | — | — |
CVE-2008-4950
Low priority** DISPUTED ** gccross in dpkg-cross 2.3.0 allows local users to overwrite arbitrary files via a symlink attack on the tmp/gccross2.log temporary file. NOTE: the vendor disputes this vulnerability, stating that "There is no sense...
1 affected package
dpkg-cross
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| dpkg-cross | — | — | — | — | — |
CVE-2005-1849
Unknown priorityinftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of service (application crash) via an invalid file that causes a large dynamic tree to be produced.
6 affected packages
aide, dpkg, ia32-libs, rpm, sash, zlib
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| aide | — | — | — | — | — |
| dpkg | — | — | — | — | — |
| ia32-libs | — | — | — | — | — |
| rpm | — | — | — | — | — |
| sash | — | — | — | — | — |
| zlib | — | — | — | — | — |
CVE-2005-2096
Unknown prioritySome fixes available 19 of 21
zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as...
9 affected packages
aide, bacula, dpkg, dump, ia32-libs...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| aide | — | — | — | — | — |
| bacula | — | — | — | — | — |
| dpkg | — | — | — | — | — |
| dump | — | — | — | — | — |
| ia32-libs | — | — | — | — | — |
| rpm | — | — | — | — | — |
| sash | — | — | — | — | — |
| zlib | — | — | — | — | — |
| zsync | — | — | — | — | — |