CVE-2014-8625

描述

Multiple format string vulnerabilities in the parse_error_msg function in parsehelp.c in dpkg before 1.17.22 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the (1) package or (2) architecture name.

受影響套件(1)

• Debian/dpkgfrom 0, < 1.17.22

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-8625