Directory Traversal Vulnerabilities in dpkg-source in dpkg-dev 1.3.0

CVE-2014-3865 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:P

Multiple directory traversal vulnerabilities in dpkg-source in dpkg-dev 1.3.0 allow remote attackers to modify files outside of the intended directories via a source package with a crafted Index: pseudo-header in conjunction with (1) missing --- and +++ header lines or (2) a +++ header line with a blank pathname.

Learn more about our Web Application Penetration Testing UK.