CVE-2013-7069

Published Dec 14, 2013

Last updated 11 years ago

Overview

Description: ack 2.00 through 2.11_02 allows remote attackers to execute arbitrary code via a (1) --pager, (2) --regex, or (3) --output option in a .ackrc file in a directory to be searched.
Source: security@debian.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-94

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:beyondgrep:ack:2.00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B8AD979-4180-473C-983C-D8B796E53671"
          },
          {
            "criteria": "cpe:2.3:a:beyondgrep:ack:2.02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "676A48D8-2100-451D-B9B5-9F39E46FA320"
          },
          {
            "criteria": "cpe:2.3:a:beyondgrep:ack:2.04:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0523A30B-5AC2-409B-A2EF-36EC931DA175"
          },
          {
            "criteria": "cpe:2.3:a:beyondgrep:ack:2.05_01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E4E53D91-6DDA-42F6-B46C-FD1EC2DB6B57"
          },
          {
            "criteria": "cpe:2.3:a:beyondgrep:ack:2.06:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "35C905F3-AF84-423C-BFE2-E319293FE0A5"
          },
          {
            "criteria": "cpe:2.3:a:beyondgrep:ack:2.08:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9412BBE2-E307-4D4A-BD16-17948C67837D"
          },
          {
            "criteria": "cpe:2.3:a:beyondgrep:ack:2.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "859B32C3-A67C-4B06-BF75-ADC2FBDF0254"
          },
          {
            "criteria": "cpe:2.3:a:beyondgrep:ack:2.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BC5DAC4A-57B7-420A-BE72-57E527F5DDE5"
          },
          {
            "criteria": "cpe:2.3:a:beyondgrep:ack:2.11_01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "416D383F-359E-4696-80F6-8BD4080DCD05"
          },
          {
            "criteria": "cpe:2.3:a:beyondgrep:ack:2.11_02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D7705C2D-F59D-4398-A735-AEF0EEF1364E"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References