Vulnerabilities > CVE-2008-1902 - Remote Security vulnerability in Aptlinex

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

debian

NVD

Published: 2008-04-22

Updated: 2017-08-08

Summary

The GUI for aptlinex before 0.91 does not sufficiently warn the user of potentially dangerous actions, which allows remote attackers to remove or modify packages via an apt:// URL.

Vulnerable Configurations

Part	Description	Count
Application	Debian Debian Aptlinex 0.6-1 Debian Aptlinex 0.7-1 Debian Aptlinex 0.8-1 Debian Aptlinex 0.8-2 Debian Aptlinex 0.9-1	5

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476572
https://exchange.xforce.ibmcloud.com/vulnerabilities/41954