CVE-2012-2240
devscripts - multiple
EPSS 0.97%
Description
scripts/dscverify.pl in devscripts before 2.12.3 allows remote attackers to execute arbitrary commands via unspecified vectors related to "arguments to external commands."
How to fix CVE-2012-2240
To remediate CVE-2012-2240, upgrade the affected package to a fixed version below.
- Debian/devscripts—upgrade to 2.12.3 or later
- Debian/devscripts—upgrade to 2.10.69+squeeze4 or later
Is CVE-2012-2240 being exploited?
Low — EPSS is 1.0%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 2.12.3
- from 0, < 2.10.69+squeeze4