VIR Vulnerability Intelligence Relay

CVE-2012-2240

high
Published 2012-10-01 · Modified 2026-04-29
CVSS v3
CVSS v2
7.5
VIR risk
7.5

Description

scripts/dscverify.pl in devscripts before 2.12.3 allows remote attackers to execute arbitrary commands via unspecified vectors related to "arguments to external commands."

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2012-2240

vendor Authored 2026-05-27

Vendor advisory: security@debian.org — http://secunia.com/advisories/50600

OS impact
OSVersionStatusFixed in
debian debianbookwormfixed2.12.3
debian debianbullseyefixed2.12.3
debian debianforkyfixed2.12.3
debian debiansidfixed2.12.3
debian debiantrixiefixed2.12.3

Application impact
VendorProductVersionsFixed
devscripts_devel_teamdevscripts{"endIncluding":"2.12.2"}
devscripts_devel_teamdevscripts2.7.0
devscripts_devel_teamdevscripts2.8.14
devscripts_devel_teamdevscripts2.9.21
devscripts_devel_teamdevscripts2.9.22
devscripts_devel_teamdevscripts2.9.23
devscripts_devel_teamdevscripts2.9.24
devscripts_devel_teamdevscripts2.9.25
devscripts_devel_teamdevscripts2.9.26
devscripts_devel_teamdevscripts2.9.27
devscripts_devel_teamdevscripts2.10.0
devscripts_devel_teamdevscripts2.10.1
devscripts_devel_teamdevscripts2.10.3
devscripts_devel_teamdevscripts2.10.6
devscripts_devel_teamdevscripts2.10.7
devscripts_devel_teamdevscripts2.10.8
devscripts_devel_teamdevscripts2.10.9
devscripts_devel_teamdevscripts2.10.10
devscripts_devel_teamdevscripts2.10.11
devscripts_devel_teamdevscripts2.10.12
devscripts_devel_teamdevscripts2.10.13
devscripts_devel_teamdevscripts2.10.14
devscripts_devel_teamdevscripts2.10.15
devscripts_devel_teamdevscripts2.10.16
devscripts_devel_teamdevscripts2.10.17
devscripts_devel_teamdevscripts2.10.18
devscripts_devel_teamdevscripts2.10.18.1
devscripts_devel_teamdevscripts2.10.19
devscripts_devel_teamdevscripts2.10.20
devscripts_devel_teamdevscripts2.10.21
devscripts_devel_teamdevscripts2.10.22
devscripts_devel_teamdevscripts2.10.23
devscripts_devel_teamdevscripts2.10.24
devscripts_devel_teamdevscripts2.10.25
devscripts_devel_teamdevscripts2.10.26
devscripts_devel_teamdevscripts2.10.27
devscripts_devel_teamdevscripts2.10.28
devscripts_devel_teamdevscripts2.10.29
devscripts_devel_teamdevscripts2.10.30
devscripts_devel_teamdevscripts2.10.31
devscripts_devel_teamdevscripts2.10.32
devscripts_devel_teamdevscripts2.10.33
devscripts_devel_teamdevscripts2.10.34
devscripts_devel_teamdevscripts2.10.35
devscripts_devel_teamdevscripts2.10.36
devscripts_devel_teamdevscripts2.10.38
devscripts_devel_teamdevscripts2.10.39
devscripts_devel_teamdevscripts2.10.40
devscripts_devel_teamdevscripts2.10.41
devscripts_devel_teamdevscripts2.10.42
devscripts_devel_teamdevscripts2.10.43
devscripts_devel_teamdevscripts2.10.44
devscripts_devel_teamdevscripts2.10.45
devscripts_devel_teamdevscripts2.10.46
devscripts_devel_teamdevscripts2.10.47
devscripts_devel_teamdevscripts2.10.48
devscripts_devel_teamdevscripts2.10.49
devscripts_devel_teamdevscripts2.10.50
devscripts_devel_teamdevscripts2.10.51
devscripts_devel_teamdevscripts2.10.52
devscripts_devel_teamdevscripts2.10.53
devscripts_devel_teamdevscripts2.10.54
devscripts_devel_teamdevscripts2.10.55
devscripts_devel_teamdevscripts2.10.56
devscripts_devel_teamdevscripts2.10.57
devscripts_devel_teamdevscripts2.10.58
devscripts_devel_teamdevscripts2.10.59
devscripts_devel_teamdevscripts2.10.60
devscripts_devel_teamdevscripts2.10.61
devscripts_devel_teamdevscripts2.10.62
devscripts_devel_teamdevscripts2.10.63
devscripts_devel_teamdevscripts2.10.64
devscripts_devel_teamdevscripts2.10.65.1
devscripts_devel_teamdevscripts2.10.66
devscripts_devel_teamdevscripts2.10.67
devscripts_devel_teamdevscripts2.10.68
devscripts_devel_teamdevscripts2.11.0
devscripts_devel_teamdevscripts2.11.1
devscripts_devel_teamdevscripts2.11.2
devscripts_devel_teamdevscripts2.11.3
devscripts_devel_teamdevscripts2.11.4
devscripts_devel_teamdevscripts2.11.5
devscripts_devel_teamdevscripts2.11.6
devscripts_devel_teamdevscripts2.11.7
devscripts_devel_teamdevscripts2.11.8
devscripts_devel_teamdevscripts2.11.9
devscripts_devel_teamdevscripts2.12.0
devscripts_devel_teamdevscripts2.12.1

References

CWEs

CWE-20

Verify integrity in audit chain (admin only). AS-IS.