VIR Vulnerability Intelligence Relay

CVE-2012-2241

medium
Published 2012-10-01 ยท Modified 2026-04-29
๐Ÿ’ฌ Discuss on Community โœš Propose mitigation
CVSS v3
โ€”
CVSS v4 NEW
โ€”
not yet in upstream
VIR risk
5.0

Description

scripts/dget.pl in devscripts before 2.12.3 allows remote attackers to delete arbitrary files via a crafted (1) .dsc or (2) .changes file, probably related to a NULL byte in a filename.

Predictions

Exploit likelihood
20%
Patch ETA
โ€”

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No mitigations published for this CVE yet.

The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ€” if you've already worked around this in production โ€” publish your fix to the community-verified tier.

โœš Propose a mitigation on Community โ†’ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here with source_tier=community-verified.

OS impact
OSVersionStatusFixed in
debian debianbookwormfixed2.12.3
debian debianbullseyefixed2.12.3
debian debianforkyfixed2.12.3
debian debiansidfixed2.12.3
debian debiantrixiefixed2.12.3

Application impact
VendorProductVersionsFixed
devscripts_devel_teamdevscripts{"endIncluding":"2.12.2"}
devscripts_devel_teamdevscripts2.7.0
devscripts_devel_teamdevscripts2.8.14
devscripts_devel_teamdevscripts2.9.21
devscripts_devel_teamdevscripts2.9.22
devscripts_devel_teamdevscripts2.9.23
devscripts_devel_teamdevscripts2.9.24
devscripts_devel_teamdevscripts2.9.25
devscripts_devel_teamdevscripts2.9.26
devscripts_devel_teamdevscripts2.9.27
devscripts_devel_teamdevscripts2.10.0
devscripts_devel_teamdevscripts2.10.1
devscripts_devel_teamdevscripts2.10.3
devscripts_devel_teamdevscripts2.10.6
devscripts_devel_teamdevscripts2.10.7
devscripts_devel_teamdevscripts2.10.8
devscripts_devel_teamdevscripts2.10.9
devscripts_devel_teamdevscripts2.10.10
devscripts_devel_teamdevscripts2.10.11
devscripts_devel_teamdevscripts2.10.12
devscripts_devel_teamdevscripts2.10.13
devscripts_devel_teamdevscripts2.10.14
devscripts_devel_teamdevscripts2.10.15
devscripts_devel_teamdevscripts2.10.16
devscripts_devel_teamdevscripts2.10.17
devscripts_devel_teamdevscripts2.10.18
devscripts_devel_teamdevscripts2.10.18.1
devscripts_devel_teamdevscripts2.10.19
devscripts_devel_teamdevscripts2.10.20
devscripts_devel_teamdevscripts2.10.21
devscripts_devel_teamdevscripts2.10.22
devscripts_devel_teamdevscripts2.10.23
devscripts_devel_teamdevscripts2.10.24
devscripts_devel_teamdevscripts2.10.25
devscripts_devel_teamdevscripts2.10.26
devscripts_devel_teamdevscripts2.10.27
devscripts_devel_teamdevscripts2.10.28
devscripts_devel_teamdevscripts2.10.29
devscripts_devel_teamdevscripts2.10.30
devscripts_devel_teamdevscripts2.10.31
devscripts_devel_teamdevscripts2.10.32
devscripts_devel_teamdevscripts2.10.33
devscripts_devel_teamdevscripts2.10.34
devscripts_devel_teamdevscripts2.10.35
devscripts_devel_teamdevscripts2.10.36
devscripts_devel_teamdevscripts2.10.38
devscripts_devel_teamdevscripts2.10.39
devscripts_devel_teamdevscripts2.10.40
devscripts_devel_teamdevscripts2.10.41
devscripts_devel_teamdevscripts2.10.42
devscripts_devel_teamdevscripts2.10.43
devscripts_devel_teamdevscripts2.10.44
devscripts_devel_teamdevscripts2.10.45
devscripts_devel_teamdevscripts2.10.46
devscripts_devel_teamdevscripts2.10.47
devscripts_devel_teamdevscripts2.10.48
devscripts_devel_teamdevscripts2.10.49
devscripts_devel_teamdevscripts2.10.50
devscripts_devel_teamdevscripts2.10.51
devscripts_devel_teamdevscripts2.10.52
devscripts_devel_teamdevscripts2.10.53
devscripts_devel_teamdevscripts2.10.54
devscripts_devel_teamdevscripts2.10.55
devscripts_devel_teamdevscripts2.10.56
devscripts_devel_teamdevscripts2.10.57
devscripts_devel_teamdevscripts2.10.58
devscripts_devel_teamdevscripts2.10.59
devscripts_devel_teamdevscripts2.10.60
devscripts_devel_teamdevscripts2.10.61
devscripts_devel_teamdevscripts2.10.62
devscripts_devel_teamdevscripts2.10.63
devscripts_devel_teamdevscripts2.10.64
devscripts_devel_teamdevscripts2.10.65.1
devscripts_devel_teamdevscripts2.10.66
devscripts_devel_teamdevscripts2.10.67
devscripts_devel_teamdevscripts2.10.68
devscripts_devel_teamdevscripts2.11.0
devscripts_devel_teamdevscripts2.11.1
devscripts_devel_teamdevscripts2.11.2
devscripts_devel_teamdevscripts2.11.3
devscripts_devel_teamdevscripts2.11.4
devscripts_devel_teamdevscripts2.11.5
devscripts_devel_teamdevscripts2.11.6
devscripts_devel_teamdevscripts2.11.7
devscripts_devel_teamdevscripts2.11.8
devscripts_devel_teamdevscripts2.11.9
devscripts_devel_teamdevscripts2.12.0
devscripts_devel_teamdevscripts2.12.1

References

CWEs

CWE-20

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.