Multiple format string vulnerabilities in the parse_error_msg function in parsehelp.c in dpkg prior to 1.17.22 allow remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the (1) package or (2) architecture name.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
debian dpkg |