Multiple format string vulnerabilities in the parse_error_msg function in parsehelp.c in dpkg before 1.17.22 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the (1) package or (2) architecture name.
                
            References
                    Configurations
                    History
                    No history.
Information
                Published : 2015-01-20 15:59
Updated : 2025-04-12 10:46
NVD link : CVE-2014-8625
Mitre link : CVE-2014-8625
CVE.ORG link : CVE-2014-8625
JSON object : View
Products Affected
                debian
- dpkg
CWE
                
                    
                        
                        CWE-134
                        
            Use of Externally-Controlled Format String
